serverSSLContextSelectionCallback

std::function<SSL_CTX*(const std::string& adapterName)> Ice::SSL::OpenSSLServerAuthenticationOptions::serverSSLContextSelectionCallback {}

A callback that selects the server's SSL_CTX object based on the name of the object adapter that accepted the connection.

This callback associates a specific SSL configuration with an incoming connection identified by the name of the object adapter that accepted the connection. The callback must return a pointer to a valid SSL_CTX object previously initialized using the OpenSSL API. The SSL transport takes ownership of the returned SSL_CTX object and releases it after closing the connection.

If the application does not provide a callback, the SSL transport will use an SSL_CTX object created with SSL_CTX_new(), which uses the default OpenSSL configuration.

The SSL transport calls this callback for each new incoming connection to obtain the SSL_CTX object before starting the SSL handshake.

Parameters

adapterName

The name of the object adapter that accepted the connection.

Returns

A pointer to an SSL_CTX object representing the SSL configuration for the new incoming connection.

Example of setting serverSSLContextSelectionCallback:

    SSL_CTX* sslContext = SSL_CTX_new(TLS_method());
    // Load the server certificate chain from the keychain using SecureTransport APIs.
    communicator->createObjectAdapterWithEndpoints(
        "Hello",
        "ssl -h 127.0.0.1 -p 10000",
        Ice::SSL::ServerAuthenticationOptions{
            .serverSSLContextSelectionCallback = [sslContext](const std::string&)
            {
                // Keep the SSLContext alive for the lifetime of the connection.
                SSL_CTX_up_ref(sslContext);
                return sslContext;
            }});
    communicator->waitForShutdown();
    // Release the SSLContext when no longer needed
    SSL_CTX_free(sslContext);

Definition at line 230 of file ServerAuthenticationOptions.h.