HTTPS Certificate Verification

From RAD Studio
Jump to: navigation, search

Go Up to DataSnap Client Application


If you are developing a client that will connect to a server using the HTTPS protocol (where the server is most likely running under IIS), then you will want to implement a check in your client code to verify the server's certificate.

Setting up the Connection

To set up the client's HTTPS connection, drop onto your form a TSQLConnection. In the Object Inspector set the Driver to DataSnap, the Driver's CommunicationProtocol to HTTPS, and the URLPath Driver's property to "IISVirtualDirectory/ServerProjectName.dll". Set the port and any other connection information as needed.

Validating the Certificate

On your TSQLConnection, go to the Events tab in the Object Inspector and implement the ValidatePeerCertificate event. This event has the following signature:

procedure XValidatePeerCertificate(Owner: TObject; Certificate: TX509Certificate; const ADepth: Integer; var Ok: Boolean);

The certificate itself is a TX509Certificate instance that you can inspect and then set the value of Ok to True if you are satisfied with the certificate, or to False otherwise.

You may find these functions/procedures on the certificate useful:

function Verify(key: TPublicKey): Boolean;
procedure CheckValidity;
procedure CheckValidity(ADate: TDateTime);

For more information on the TX509Certificate, which is in the DBXCommon unit, see the corresponding documentation.

See Also