$Sock_Cert_Levels

From m204wiki
Revision as of 01:14, 20 January 2012 by JAL (talk | contribs) (→‎Usage notes)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Number of levels in partner's certificate

Most Sirius $functions have been deprecated in favor of Object Oriented methods. There is currently no direct OO equivalent for this $function.

$Sock_Cert_Levels retrieves the number of levels of the certificate provided on a socket by the remote partner.

Syntax

%num = $Sock_Cert_Levels(socket)

Syntax terms

%num The number of levels in the certificate provided by the remote partner.
socket A string that is the socket identifier.

Usage notes

  • For an SSL connection where the client sent a certificate, $Sock_Cert_Levels will return a number greater than 0:
    • Level 0 of a certificate always contains the client information.
    • Level 1 contains the information for the "signer" of the client certificate.
    • Level 2 would contain information for the "signer" of the level 1 signer's certificate, and so on.

    Since all certificates accepted by Janus Network Security must be signed, $Sock_Cert_Levels is always greater than or equal to 2, if non-zero. Level 3 indicates a certificate that includes an intermediate certificate.

    For information on the data that can be retrieved for each certificate level see $Sock_Cert_Info. To learn more about client certificates, see the Janus Network Security Reference Manual.

  • $Sock_Cert_Levels returns the value -1 if the socket is not open and ONRESET CONTINUE is in effect for the socket.
  • A $Sock_Cert_Levels call may cause an SSL renegotiation in order to request a digital certificate from the client. See this $Sock_Cert_Info usage note.

Example

The following statement returns the number of levels of the certificate received from the partner using the server socket (SRVSOCK):

%count = $Sock_Cert_Levels(1)