| Directory Services |
VERIFYSERVERCERT is a callback function that allows a client to evaluate the certificate chain of the server to which it is connected.
BOOLEAN _cdecl VERIFYSERVERCERT( PLDAP Connection, PCCERT_CONTEXT* pServerCert );
If the function succeeds (the client approves the server certificate), the return value is TRUE.
If the function fails; the return value is FALSE and the secure connection is torn down.
The VERIFYSERVERCERT callback function allows the client to verify the certificate of the server. The client registers a callback which is invoked after the secure connection is set up. The server certificate context is presented to the callback function, where it can be verified as acceptable or not. To register this callback, call ldap_set_option (conn, LDAP_OPT_SERVER_CERTIFICATE, &CertRoutine), where CertRoutine is the address of your callback function.
The server calls VERIFYSERVERCERT after the secure connection has been established. The server's certificate context is supplied for examination by the client.
CertFreeCertificateContext should be called before this function returns. The call to this function should be made as follows:
CertFreeCertificateContext(*ppServerCert);
Or, alternatively, as:
CertFreeCertificateContext(*((PCCERT_CONTEXT*)pServerCert));
Client: Included in Windows XP and
Windows 2000 Professional.
Server: Included in Windows Server 2003 and
Windows 2000 Server.
Redistributable: Requires Active Directory Client Extension
on Windows NT 4.0 SP6a and Windows 95/98/Me.
Header: Declared in Winldap.h.