If the interface IF_VerifyCertCallback is assigned to the TLS settings of the corresponding methods of the FB_TcpClient2 or FB_TcpServer2, the interface method VerifyCertCallback is called by the system after verification of the certificate received from the peer.
The return value of the method indicates the result of the verification. You have two options:

- Confirm: assign the value of the input verifyResult to the return value to confirm the verification result of the system.
- Override: return an alternative value to override the result. The returned value then determines the outcome of the connect as well as the accept process, so returning a success code when verifyResult reports an error accepts a certificate that the system rejected.
| Input | Data type | Description |
|---|---|---|
| hCert | SysTypes.RTS_IEC_HANDLE | Handle to the certificate of the peer. |
| verifyResult | SysTypes.RTS_IEC_RESULT | Result of the verification performed by the system. Refer to CmpX509Cert.ERRORS for details of the error codes. |
The following example shows an implementation of the callback that confirms the result of the system by assigning it to the return value of the method. Further analysis of a detected error can be added:
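```iecst
METHOD VerifyCertCallback : TCPUDP.SysTypes.RTS_IEC_RESULT
VAR_INPUT
    hCert        : TCPUDP.SysTypes.RTS_IEC_HANDLE;  // handle to the peer certificate
    verifyResult : TCPUDP.SysTypes.RTS_IEC_RESULT;  // result of the system verification
END_VAR

// Confirm the system's decision: pass its result through unchanged.
VerifyCertCallback := verifyResult;

IF verifyResult <> TCPUDP.CmpErrors.Errors.ERR_OK THEN
    // Here you can analyze the error
    ;
END_IF
```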
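
The second option, overriding the result, is shown below as an added example that is not part of the original documentation. It only ever makes the decision stricter: a failure reported by the system is passed through unchanged, and a successful verification can still be refused by a local policy switch. The function block name, `bLockdown`, the diagnostic outputs, the `TCPUDP.` qualifier on the interface and the use of `ERR_FAILED` as the rejection code are assumptions made for this example.

```iecst
// Added example; FB_StrictCertCallback, bLockdown and the diagnostic
// outputs are hypothetical names. In the IDE the function block
// declaration and the method are separate objects.
FUNCTION_BLOCK FB_StrictCertCallback IMPLEMENTS TCPUDP.IF_VerifyCertCallback
VAR_INPUT
    bLockdown   : BOOL;  // TRUE: refuse every peer, even with a valid certificate
END_VAR
VAR_OUTPUT
    lastResult  : TCPUDP.SysTypes.RTS_IEC_RESULT;  // most recent system result
    udiAccepted : UDINT;                           // handshakes allowed
    udiRejected : UDINT;                           // handshakes refused
END_VAR

METHOD VerifyCertCallback : TCPUDP.SysTypes.RTS_IEC_RESULT
VAR_INPUT
    hCert        : TCPUDP.SysTypes.RTS_IEC_HANDLE;
    verifyResult : TCPUDP.SysTypes.RTS_IEC_RESULT;
END_VAR

// Keep the system's result for diagnostics (see CmpX509Cert.ERRORS).
lastResult := verifyResult;

IF verifyResult <> TCPUDP.CmpErrors.Errors.ERR_OK THEN
    // The system rejected the certificate: confirm the failure,
    // never replace it with ERR_OK.
    VerifyCertCallback := verifyResult;
    udiRejected := udiRejected + 1;
ELSIF bLockdown THEN
    // Override in the restrictive direction only: the certificate is
    // valid, but local policy refuses the connection.
    // Assumption: ERR_FAILED is used as the generic rejection code.
    VerifyCertCallback := TCPUDP.CmpErrors.Errors.ERR_FAILED;
    udiRejected := udiRejected + 1;
ELSE
    // Valid certificate and no policy objection: confirm the system result.
    VerifyCertCallback := verifyResult;
    udiAccepted := udiAccepted + 1;
END_IF
```

Because the callback is fail-closed, an error in the policy logic can only cause a refused connection and cannot cause acceptance of a certificate that failed system verification.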