Important: |
---|
This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. |
The following procedure describes how to establish a secure socket connection.
-
Create a socket with the socketfunction.
-
Set the socket in secure mode with the setsockoptfunction. Set levelto SOL_SOCKET, optnameto SO_SECURE, and optvalto a DWORDset to SO_SEC_SSL.
-
Specify the certificate validation callback function by calling WSAIoctlwith the SO_SSL_SET_VALIDATE_CERT_HOOK control code.
-
To verify the server's identity during the handshake, call WSAIoctlwith the SO_SSL_SET_PEERNAME control code.
The server name is verified against the server certificate after a successful SSL handshake. The verification results are then indicated in the certificate validation callback. If the specified server name does not match the one indicated in the certificate chain of the SSL Handshake, SSL_CERT_FLAG_ISSUER_UNKNOWN is set in the dwFlags parameter of SslValidateCertHook.
If you do not perform this step, no verification is performed.
-
To specify a particular security protocol, call WSAIoctlwith the SO_SSL_GET_PROTOCOLS control code to determine the default protocols. Then call WSAIoctlwith the SO_SSL_SET_PROTOCOLS control code to select the protocols to be enabled. Otherwise, Windows Embedded CE selects the protocol.
-
Make a connection with the connectfunction.
-
The certificate callback function is automatically called. The connection can be completed only if the callback function verifies the acceptability of the certificate by returning SSL_ERR_OKAY.
-
Transmit and send.
-
The sendand recvfunctions automatically encode and decode data.
-
When you are finished, close the socket with the closesocketfunction.