$Sock Cert Levels: Difference between revisions
Jump to navigation
Jump to search
m (→Usage notes) |
m (link repair) |
||
(4 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
{{DISPLAYTITLE:$Sock_Cert_Levels}} | {{DISPLAYTITLE:$Sock_Cert_Levels}} | ||
<span class="pageSubtitle">Number of levels in partner's certificate</span> | <span class="pageSubtitle">Number of levels in partner's certificate</span> | ||
<p class=" | <p class="warn"><b>Note: </b>Most $functions have been deprecated in favor of Object Oriented | ||
methods. | methods. The OO equivalent for <var>$Sock_Cert_Levels</var> is the <var>[[CertLevels (Socket function)|CertLevels]]</var> method.</p> | ||
<var>$Sock_Cert_Levels</var> retrieves the number of | <var>$Sock_Cert_Levels</var> retrieves the number of | ||
Line 11: | Line 11: | ||
===Syntax terms=== | ===Syntax terms=== | ||
<table | <table> | ||
<tr><th>%num</th> | <tr><th>%num</th> | ||
<td>The number of levels in the certificate provided by the remote partner. </td></tr> | <td>The number of levels in the certificate provided by the remote partner. </td></tr> | ||
Line 22: | Line 22: | ||
<li>For an SSL connection where the client sent a certificate, <var>$Sock_Cert_Levels</var> will return a number greater than 0: | <li>For an SSL connection where the client sent a certificate, <var>$Sock_Cert_Levels</var> will return a number greater than 0: | ||
<ul> | <ul> | ||
<li>Level 0 of a certificate always contains the client information. | <li>Level 0 of a certificate always contains the client information. </li> | ||
<li>Level 1 contains the information for the "signer" of the client certificate. | |||
<li>Level 2 would contain information for the "signer" of the level 1 signer's certificate, and so on. | <li>Level 1 contains the information for the "signer" of the client certificate. </li> | ||
<li>Level 2 would contain information for the "signer" of the level 1 signer's certificate, and so on. </li> | |||
</ul> | </ul> | ||
Since all certificates accepted by <var class="product">Janus Network Security</var> must be signed, <var>$Sock_Cert_Levels</var> is always greater than or equal to 2, if non-zero. Level 3 indicates a certificate that includes an intermediate certificate. | Since all certificates accepted by <var class="product">Janus Network Security</var> must be signed, <var>$Sock_Cert_Levels</var> is always greater than or equal to 2, if non-zero. Level 3 indicates a certificate that includes an intermediate certificate. | ||
For information on the data that can be retrieved for each certificate level see <var>[[$Sock_Cert_Info]]</var>. To learn more about client certificates, see | For information on the data that can be retrieved for each certificate level see <var>[[$Sock_Cert_Info]]</var>. To learn more about client certificates, see [[Janus Network Security]]. </li> | ||
<li><var>$Sock_Cert_Levels</var> returns the value -1 if the socket is not open and <code>ONRESET CONTINUE</code> is in effect for the socket. | |||
<li>A <var>$Sock_Cert_Levels</var> call may cause an SSL renegotiation in order to request a digital certificate from the client. See [[$Sock_Cert_Info#renegotiate|this]] <var>$Sock_Cert_Info</var> usage note. | <li><var>$Sock_Cert_Levels</var> returns the value -1 if the socket is not open and <code>ONRESET CONTINUE</code> is in effect for the socket. </li> | ||
<li>A <var>$Sock_Cert_Levels</var> call may cause an SSL renegotiation in order to request a digital certificate from the client. See [[$Sock_Cert_Info#renegotiate|this]] <var>$Sock_Cert_Info</var> usage note. </li> | |||
</ul> | </ul> | ||
Latest revision as of 19:06, 1 June 2016
Number of levels in partner's certificate
Note: Most $functions have been deprecated in favor of Object Oriented methods. The OO equivalent for $Sock_Cert_Levels is the CertLevels method.
$Sock_Cert_Levels retrieves the number of levels of the certificate provided on a socket by the remote partner.
Syntax
%num = $Sock_Cert_Levels(socket)
Syntax terms
%num | The number of levels in the certificate provided by the remote partner. |
---|---|
socket | A string that is the socket identifier. |
Usage notes
- For an SSL connection where the client sent a certificate, $Sock_Cert_Levels will return a number greater than 0:
- Level 0 of a certificate always contains the client information.
- Level 1 contains the information for the "signer" of the client certificate.
- Level 2 would contain information for the "signer" of the level 1 signer's certificate, and so on.
Since all certificates accepted by Janus Network Security must be signed, $Sock_Cert_Levels is always greater than or equal to 2, if non-zero. Level 3 indicates a certificate that includes an intermediate certificate.
For information on the data that can be retrieved for each certificate level see $Sock_Cert_Info. To learn more about client certificates, see Janus Network Security. - $Sock_Cert_Levels returns the value -1 if the socket is not open and
ONRESET CONTINUE
is in effect for the socket. - A $Sock_Cert_Levels call may cause an SSL renegotiation in order to request a digital certificate from the client. See this $Sock_Cert_Info usage note.
Example
The following statement returns the number of levels of the certificate received from the partner using the server socket (SRVSOCK):
%count = $Sock_Cert_Levels(1)