◆ clientCertificateValidationCallback

std::function<bool(bool verified, X509_STORE_CTX* ctx, const ConnectionInfoPtr& info)> Ice::SSL::OpenSSLServerAuthenticationOptions::clientCertificateValidationCallback {}

A callback for validating the client certificate chain.

If the verification callback returns false, the connection will be aborted with an Ice::SecurityException.

Parameters

verified	A boolean indicating whether the preliminary certificate verification performed by OpenSSL's built-in mechanisms succeeded or failed. true if the preliminary checks passed, false otherwise.
ctx	A pointer to an X509_STORE_CTX object, which contains the certificate chain to be verified.
info	The connection info object that provides additional connection-related data. The ConnectionInfo type is an alias for the platform-specific connection info class.

Returns: true if the certificate chain is valid and the connection should proceed; false if the certificate chain is invalid and the connection should be aborted.

Exceptions

Ice::SecurityException if the certificate chain is invalid and the connection should be aborted.

Example of setting clientCertificateValidationCallback:

    communicator->createObjectAdapterWithEndpoints(
        "Hello",
        "ssl -h 127.0.0.1 -p 10000",
        Ice::SSL::ServerAuthenticationOptions{
            .clientCertificateValidationCallback =
                [](bool verified, X509_STORE_CTX*, const Ice::SSL::ConnectionInfoPtr&)
            { return verified; }});

See also: Certificate verification in OpenSSL.; SSL::OpenSSLConnectionInfo; SSL::SecureTransportConnectionInfo; SSL::SchannelConnectionInfo

Definition at line 268 of file ServerAuthenticationOptions.h.

	Ice 3.8 C++ API Reference