$Sock Cert Levels: Difference between revisions

From m204wiki
Jump to navigation Jump to search
 
m (link repair)
 
(6 intermediate revisions by 4 users not shown)
Line 1: Line 1:
{{DISPLAYTITLE:$Sock_Cert_Levels}}
{{DISPLAYTITLE:$Sock_Cert_Levels}}
<span class="pageSubtitle">Number of levels in partner's certificate</span>
<span class="pageSubtitle">Number of levels in partner's certificate</span>
<p class="warning">Most Sirius $functions have been deprecated in favor of Object Oriented
<p class="warn"><b>Note: </b>Most $functions have been deprecated in favor of Object Oriented
methods. There is currently no direct OO equivalent for this $function.</p>
methods. The OO equivalent for <var>$Sock_Cert_Levels</var> is the <var>[[CertLevels (Socket function)|CertLevels]]</var> method.</p>


<var>$Sock_Cert_Levels</var> retrieves the number of
<var>$Sock_Cert_Levels</var> retrieves the number of
Line 11: Line 11:


===Syntax terms===
===Syntax terms===
<table class="syntaxTable">
<table>
<tr><th>%num</th>
<tr><th>%num</th>
<td>The number of levels in the certificate provided by the remote partner. </td></tr>  
<td>The number of levels in the certificate provided by the remote partner. </td></tr>  
Line 22: Line 22:
<li>For an SSL connection where the client sent a certificate, <var>$Sock_Cert_Levels</var> will return a number greater than 0:  
<li>For an SSL connection where the client sent a certificate, <var>$Sock_Cert_Levels</var> will return a number greater than 0:  
<ul>  
<ul>  
<li>Level 0 of a certificate always contains the client information.  
<li>Level 0 of a certificate always contains the client information. </li>
<li>Level 1 contains the information for the "signer" of the client certificate.  
 
<li>Level 2 would contain information for the "signer" of the level 1 signer's certificate, and so on.  
<li>Level 1 contains the information for the "signer" of the client certificate. </li>
 
<li>Level 2 would contain information for the "signer" of the level 1 signer's certificate, and so on. </li>
</ul>  
</ul>  
Since all certificates accepted by <var class="product">Janus Network Security</var> must be signed, <var>$Sock_Cert_Levels</var> is always greater than or equal to 2, if non-zero. Level 3 indicates a certificate that includes an intermediate certificate.
Since all certificates accepted by <var class="product">Janus Network Security</var> must be signed, <var>$Sock_Cert_Levels</var> is always greater than or equal to 2, if non-zero. Level 3 indicates a certificate that includes an intermediate certificate.


For information on the data that can be retrieved for each certificate level see <var>[[$Sock_Cert_Info]]</var>. To learn more about client certificates, see the <i>[http://www.sirius-software.com/maint/download/jansslr.pdf Janus Network Security Reference Manual]</i>.
For information on the data that can be retrieved for each certificate level see <var>[[$Sock_Cert_Info]]</var>. To learn more about client certificates, see [[Janus Network Security]]. </li>
<li><var>$Sock_Cert_Levels</var> returns the value -1 if the socket is not open and <code>ONRESET CONTINUE</code> is in effect for the socket.  
 
<li>A $Sock_Cert_Levels call may cause an SSL renegotiation in order to request a digital certificate from the client. See [[$Sock_Cert_Info#renegotiate|this]] <var>$Sock_Cert_Info</var> usage note.  
<li><var>$Sock_Cert_Levels</var> returns the value -1 if the socket is not open and <code>ONRESET CONTINUE</code> is in effect for the socket. </li>
<li>A <var>$Sock_Cert_Levels</var> call may cause an SSL renegotiation in order to request a digital certificate from the client. See [[$Sock_Cert_Info#renegotiate|this]] <var>$Sock_Cert_Info</var> usage note. </li>
</ul>
</ul>



Latest revision as of 19:06, 1 June 2016

Number of levels in partner's certificate

Note: Most $functions have been deprecated in favor of Object Oriented methods. The OO equivalent for $Sock_Cert_Levels is the CertLevels method.

$Sock_Cert_Levels retrieves the number of levels of the certificate provided on a socket by the remote partner.

Syntax

%num = $Sock_Cert_Levels(socket)

Syntax terms

%num The number of levels in the certificate provided by the remote partner.
socket A string that is the socket identifier.

Usage notes

  • For an SSL connection where the client sent a certificate, $Sock_Cert_Levels will return a number greater than 0:
    • Level 0 of a certificate always contains the client information.
    • Level 1 contains the information for the "signer" of the client certificate.
    • Level 2 would contain information for the "signer" of the level 1 signer's certificate, and so on.

    Since all certificates accepted by Janus Network Security must be signed, $Sock_Cert_Levels is always greater than or equal to 2, if non-zero. Level 3 indicates a certificate that includes an intermediate certificate.

    For information on the data that can be retrieved for each certificate level see $Sock_Cert_Info. To learn more about client certificates, see Janus Network Security.
  • $Sock_Cert_Levels returns the value -1 if the socket is not open and ONRESET CONTINUE is in effect for the socket.
  • A $Sock_Cert_Levels call may cause an SSL renegotiation in order to request a digital certificate from the client. See this $Sock_Cert_Info usage note.

Example

The following statement returns the number of levels of the certificate received from the partner using the server socket (SRVSOCK):

%count = $Sock_Cert_Levels(1)