An SSL validation callback is defined as follows:
CS_RETCODE CS_PUBLIC validate_srvname_cb(CS_VOID *userdata, CS_SSLCERT *certptr, CS_INT certcount, CS_INT valid)
where:
userdata refers to the CS_USERDATA of the connection structure
certptr is a pointer to an array of CS_SSLCERT structures
certcount indicates the number of entries in the array
valid is the value determined by the SSL validation check. valid can be any of the following values:
Value of valid |
Indicates |
|---|---|
CS_SSL_VALID_CERT |
Valid certificate |
CS_SSL_INVALID_ BADCHAIN |
Certificate chain is invalid |
CS_SSL_INVALID_ EXPCERT |
A certificate in the chain has expired |
CS_SSL_INVALID_ INCOMPLETE |
Certificate chain is not terminated with self-signed root certificate |
CS_SSL_INVALID_ UNKNOWN |
SSL validation check failed because of unknown reasons |
CS_SSL_INVALID_ UNTRUSTED |
Certificate chain does not include a trusted certificate |
CS_SSL_INVALID_ MISSINGNAME |
Common name missing in the certificate |
CS_SSL_INVALID_ MISMATCHNAME |
Common name does not match the server name |
