QUERYCLIENTCERT (Windows CE 5.0)
This callback function is an application-defined function. It is a client-side function that allows the server to request a certificate from the client when establishing a Secure Sockets Layer (SSL) connection. The QUERYCLIENTCERT name for this function is a placeholder for the function name defined by the application.
BOOLEAN QUERYCLIENTCERT(PLDAP Connection, PSecPkgContext_IssuerListInfoEx trusted_CAs, HCERTSTORE hCertStore, DWORD* pcCreds);
Parameters
- Connection
[in] Session handle.
- trusted_CAs
[in] List of server-trusted certification authorities.
- hCertStore
[in, out] Upon receiving the callback, the server converts the client certificates to CERT_CONTEXTs, adds them to a given CertStore handle along with the client credentials (pcCreds), and returns a value of TRUE. If the server is not willing to pass in a client certificate, a value of FALSE is returned.
- pcCreds
[in, out] Client credentials.
Return Values
The return values are user-defined.
Remarks
Implement this function in your client application with the signature described above. Then call ldap_set_option (conn, LDAP_OPT_CLIENT_CERTIFICATE, &CertRoutine), where CertRoutine is the address of your callback routine.
When the server demands a client certificate for authorization, it will call this callback function. The LDAP run time passes a structure containing a list of server-trusted certification authorities. If the user can successfully provide the server with a certificate issued by any of these certification authorities, the run time allocates an array of one or more CERT_CONTEXT structures, fills in the certificates, and passes back a pointer to the structure. The run time will subsequently pass these credentials to the SSL server as part of the handshake.
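The issuer check described in the Remarks (offer a certificate only if one of the server-trusted certification authorities issued it) can be sketched as follows. This is an added example, not Microsoft's code: the struct types are stand-ins that mirror the Windows layouts so the logic builds off-device, ClientCert and select_client_certs are hypothetical names, and the byte strings are constructed sample data.

```c
#include <stddef.h>
#include <string.h>

/* Stand-in types (assumptions) so the logic builds off-device; they mirror
   CERT_NAME_BLOB (cbData, pbData) and the aIssuers/cIssuers fields of
   SecPkgContext_IssuerListInfoEx. ClientCert is hypothetical. */
typedef struct { unsigned long cbData; const unsigned char *pbData; } NameBlob;
typedef struct { const NameBlob *aIssuers; unsigned long cIssuers; } IssuerList;
typedef struct { const char *label; NameBlob issuer; } ClientCert;

/* Byte-exact comparison of two encoded issuer names. */
static int blob_equal(const NameBlob *a, const NameBlob *b)
{
    if (a->cbData != b->cbData) return 0;
    return a->cbData == 0 || memcmp(a->pbData, b->pbData, a->cbData) == 0;
}

/* Stores in picked[] the indices of certificates issued by a CA on the
   server's list and returns the count. 0 corresponds to the callback
   returning FALSE; an empty list selects nothing (a choice of this example). */
size_t select_client_certs(const IssuerList *trusted, const ClientCert *certs,
                           size_t ncerts, size_t *picked)
{
    size_t found = 0;
    if (trusted == NULL || trusted->aIssuers == NULL) return 0;
    for (size_t i = 0; i < ncerts; i++)
        for (unsigned long j = 0; j < trusted->cIssuers; j++)
            if (blob_equal(&certs[i].issuer, &trusted->aIssuers[j])) {
                picked[found++] = i;
                break;
            }
    return found;
}

/* Constructed sample data: short byte strings stand in for DER-encoded names. */
static const unsigned char CA_A[] = { 0x30, 0x03, 'A', 'A', 'A' };
static const unsigned char CA_B[] = { 0x30, 0x03, 'B', 'B', 'B' };
static const unsigned char CA_C[] = { 0x30, 0x03, 'C', 'C', 'C' };
static const NameBlob SERVER_TRUSTS[] = { { sizeof CA_A, CA_A }, { sizeof CA_C, CA_C } };
const IssuerList TRUSTED = { SERVER_TRUSTS, 2 };       /* server accepts A, C */
const IssuerList ONLY_C = { &SERVER_TRUSTS[1], 1 };    /* server accepts C    */
const ClientCert STORE[] = { { "device-cert", { sizeof CA_B, CA_B } },
                             { "user-cert",   { sizeof CA_A, CA_A } } };

int main(void)
{
    size_t picked[2];
    return select_client_certs(&TRUSTED, STORE, 2, picked) == 1 ? 0 : 1;
}
```

Inside a real callback the selected certificates would be added to hCertStore before returning TRUE; returning FALSE when nothing matches keeps a certificate from being sent to a server that would not accept its issuer.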
Requirements
OS Versions: Windows CE .NET 4.0 and later.
Header: Winldap.h.
Link Library: Wldap32.lib.
See Also
ldap_set_option | CERT_CONTEXT