
VERIFYSERVERCERT callback function

VERIFYSERVERCERT is a callback function that allows a client to evaluate the certificate chain of the server to which it is connected.

Syntax


BOOLEAN _cdecl VERIFYSERVERCERT(
  PLDAP Connection,
  PCCERT_CONTEXT *ppServerCert
);

Parameters

Connection

The session handle.

ppServerCert

A pointer to a pointer to a session handle, represented by CERT_CONTEXT.

Return value

If the function succeeds (the client approves the server certificate), the return value is TRUE.

If the function fails, the return value is FALSE and the secure connection is torn down.

Remarks

The VERIFYSERVERCERT callback function allows the client to verify the certificate of the server. The client registers a callback which is invoked after the secure connection is set up. The server certificate context is presented to the callback function, where it can be verified as acceptable or not. To register this callback, call ldap_set_option with the following arguments, where CertRoutine is the address of your callback function:


conn, LDAP_OPT_SERVER_CERTIFICATE, &CertRoutine

The server calls VERIFYSERVERCERT after the secure connection has been established. The server's certificate context is supplied for examination by the client.

An application should use the ppServerCert parameter as: PCCERT_CONTEXT* ppServerCert = (PCCERT_CONTEXT*)pServerCert;

Even though VERIFYSERVERCERT is declared as receiving a PCCERT_CONTEXT, it in fact receives a PCCERT_CONTEXT*. The ppServerCert can be used to verify the certificate. CertFreeCertificateContext should be called before this function returns. The call to this function should be made as follows:


CertFreeCertificateContext(*ppServerCert);

Or, alternatively, as:


CertFreeCertificateContext(*((PCCERT_CONTEXT*)pServerCert));
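The following is an added example, not Microsoft's sample code: a callback that accepts the server only when its encoded certificate matches a pinned copy, frees the context on every path, and is registered with ldap_set_option. The names der_equal, verify_server_cert, use_pinned_cert and g_pin are hypothetical, and pinning the exact certificate is an assumed policy; the Windows-specific part compiles only when _WIN32 is defined.

```c
#include <stddef.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#include <winldap.h>
#include <wincrypt.h>
#endif

/* Portable decision logic: fail-closed, byte-for-byte comparison of the
   presented DER certificate against a pinned copy. */
int der_equal(const unsigned char *a, size_t alen,
              const unsigned char *b, size_t blen)
{
    if (!a || !b || alen == 0 || alen != blen)
        return 0;                  /* no pin or length mismatch: reject */
    return memcmp(a, b, alen) == 0;
}

#ifdef _WIN32
static const unsigned char *g_pin; /* assumption: pinned DER supplied by the app */
static size_t g_pin_len;

/* Signature follows the Syntax section above. */
BOOLEAN _cdecl verify_server_cert(PLDAP Connection, PCCERT_CONTEXT *ppServerCert)
{
    BOOLEAN ok = FALSE;
    (void)Connection;
    if (ppServerCert && *ppServerCert) {
        PCCERT_CONTEXT cert = *ppServerCert;
        ok = (BOOLEAN)der_equal(cert->pbCertEncoded, cert->cbCertEncoded,
                                g_pin, g_pin_len);
        CertFreeCertificateContext(cert); /* free before returning, on every path */
    }
    return ok;                     /* FALSE tears the secure connection down */
}

/* Call on a handle from ldap_sslinit, before ldap_connect. */
ULONG use_pinned_cert(PLDAP conn, const unsigned char *der, size_t len)
{
    g_pin = der;
    g_pin_len = len;
    return ldap_set_option(conn, LDAP_OPT_SERVER_CERTIFICATE,
                           (void *)&verify_server_cert);
}
#endif
```

A pinned certificate has to be replaced in the client whenever the server certificate is renewed, otherwise the callback returns FALSE and every connection is torn down.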

Requirements

Minimum supported client

Windows Vista

Minimum supported server

Windows Server 2003

Header

Winldap.h

See also

Functions
ldap_set_option

© 2014 Microsoft