←Select platform

VerifyCertificateEventArgs Class

Summary

Provides data for the VerifyCertificate event.

Syntax
C#
VB
C++
public class VerifyCertificateEventArgs : BaseEventArgs 
Public Class VerifyCertificateEventArgs 
   Inherits BaseEventArgs 
public: 
   ref class VerifyCertificateEventArgs : BaseEventArgs
Remarks

TLS Secure DICOM communications between an SCP and an SCU has a handshake process where the SCP and SCU verify each others provided certificates.

The VerifyCertificate event is called once for each certificate in a certificate chain, and provides information about the verification process.

This is useful for determining why a TLS DICOM Secure communication failed to be established.

The VerifyCertificateEventArgs.CertificateString provides information about a certificate, including:

  • Subject Name
  • Issuer Name
  • Valid To Date
  • Valid From Date
  • Serial Number
  • Basic Constraints (i.e. is this a Certificate Authority?)
  • Certificate purposes list

For example, if an SCU is providing a certificate that is created without SSL Server and SSL Client purposes, the VerifyCertificateEventArgs.ErrorException property will have a value of DicomSecurityCertificateExceptionCode.InvalidPurpose, and show the problem in the Certificate Purposes section of the VerifyCertificateEventArgs.CertificateString.

An example VerifyCertificateEventArgs.CertificateString corresponding to a DicomSecurityCertificateExceptionCode value of InvalidPurpose error is shown below: 

Subject Name: CN = Test Client, C = US, ST = Nebraska, L = Omaha, O = Test Client Organization 
Issuer Name: CN = LEAD CA, L = Charlotte, ST = North Carolina, C = US, emailAddress = [email protected], O = "LEAD Technologies, Inc." 
Valid From: Jun  1 21:31:35 2020 GMT 
Valid To: May 30 21:31:35 2030 GMT 
Serial Number:             ae:8a:75:37:56:03:c4:45 
Basic Constraints:Not a CA (Certificate Authority) 
Certificate purposes: 
	SSL client : No 
	SSL client CA : No 
	SSL server : No 
	SSL server CA : No 
	Netscape SSL server : No 
	Netscape SSL server CA : No 
	S/MIME signing : No 
	S/MIME signing CA : No 
	S/MIME encryption : No 
	S/MIME encryption CA : No 
	CRL signing : No 
	CRL signing CA : No 
	Any Purpose : Yes 
	Any Purpose CA : Yes 
	OCSP helper : Yes 
	OCSP helper CA : No 
	Time Stamp signing : No

The VerifyCertificateEventArgs.ErrorException property is a DicomSecurityCertificateException exception that indicates success or an error.

The VerifyCertificateEventArgs.Ok property determines the verification behavior.

Set VerifyCertificateEventArgs.Ok to 0 to stop the verification process with a "verification failed" state. If the DicomConnection(string,dicomnetsecuritymode,dicomopensslcontextcreationsettings) constructor is used and DicomOpenSslVerificationFlags.Peer is passed via the DicomOpenSslContextCreationSettings argument, a verification failure alert is sent to the SCU and the TLS/SSL handshake is terminated.

Set VerifyCertificateEventArgs.Ok to 1 to continue the verification process. If VerifyCertificateEventArgs.Ok is always set to 1, the TLS/SSL handshake will not be terminated with respect to verification failures and the connection will be established.

Leave VerifyCertificateEventArgs.Ok unchanged to get the default verification behavior.

Example

For an example, refer to VerifyCertificate.

Requirements
Target Platforms
Help Version 21.0.2021.6.30
Products | Support | Contact Us | Intellectual Property Notices
© 1991-2021 Apryse Sofware Corp. All Rights Reserved.

Leadtools.Dicom.Scu Assembly
Introduction
Getting Started
Namespaces
Leadtools.Dicom.Scu Namespace
Leadtools.Dicom.Scu.Common Namespace
Leadtools.Dicom.Scu.Queries Namespace
Assemblies