Using client certificates with TCrtSocket

squirrel · 2020-08-04 07:45:25

When making a TLS tcp connection to a 3rd party server using TCrtSocket, the server requests a client certificate. Valid certificates with client authentication key usage purposes are installed on the client's windows certificate store. How do I provide these to the server over the standard tls tcp connection?

Last edited by squirrel (2020-08-04 07:56:43)

ab · 2020-08-04 08:20:28

Do you want to transmit the certificates from client to the server? Public certicates?
You want to make client authentication, I guess.
If the client transmits its own certificates by itself, then I don't see any benefit. A third-party authentication service should transmit the certificate.

squirrel · 2020-08-04 08:34:11

This link describes it better than I can:
https://techcommunity.microsoft.com/t5/ … a-p/324623

"Client Certificate Authentication is a mutual certificate based authentication, where the client provides its Client Certificate to the Server to prove its identity. This happens as a part of the SSL Handshake"

I need to perform secure tcp communications to a 3rd party server where client certificate authentication is used and where the server is configured for this part to not be optional.

Last edited by squirrel (2020-08-04 09:31:16)

ab · 2020-08-04 09:46:36

So the client public key should be recorded on the server side.
The client private key cannot be set with TCrtSock.

But it is allowed with TCurlHTTP - which requires libcurl.

mORMot Open Source

#1 2020-08-04 07:45:25

Using client certificates with TCrtSocket

#2 2020-08-04 08:20:28

Re: Using client certificates with TCrtSocket

#3 2020-08-04 08:34:11

Re: Using client certificates with TCrtSocket

#4 2020-08-04 09:46:36

Re: Using client certificates with TCrtSocket

Board footer