> I'm currently setting up a connection using OpenSSL for the first > I'm unsure when I can conclude (on > server side) that a client is fully authenticated.
Not sure if your application is a client or server, but they are similar, everything happens in the HandshakeDone event. You need to check Errcode, if not zero SSL negotiation has already failed and you should disconnect. If Errcode is zero, and you care about certificates, and set SslVerifyPeer, you can check if the certificate is basically valid. But a proper check of the certificate chain is more complicated, and either needs a list of root certificates (hundreds) to test, or use the Microsoft crypto APIs to let Windows check it's root store. That easier with the latest ICS v8 today,m using OverbyteIcsMsSslUtils. Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be