SSLCreateFlags Example for C++ 6.0 and later
// This sample creates an ILEADDicomNet object with security (m_pLEADDicomNet1).
// The ILEADDicomNet object is configured so that if a client connects:
// 1. it requires and verifies the client certificate
// 2. it will support SSL version 3 or TLS version 1 for the handshake
//    (SSL version 2 is switched off; both remaining protocol versions are
//    deprecated, so enable only what the connecting peers still require)
// 3. it uses trusted certificate authority CA_CERT_NAME to verify the client certificate
// 4. it verifies the client certificate chain to a max depth of 2
//
// The ILEADDicomNet object is assigned the certificate SERVER_CERT_NAME,
// which contains a password-encrypted private key.
// The OnSSLPrivateKeyPassword event is used
// to supply the password that decrypts the private key.
// Sample locations only; point these at the deployment's own PEM files.
// CA_CERT_NAME is assigned to SSLCAFile and is the trust anchor for client certificates.
#define CA_CERT_NAME "e:\\certificates\\ca.pem"
// SERVER_CERT_NAME is passed twice to SetServerCertificateTLS; per the header comment it
// also holds the encrypted private key, so restrict read access to this file.
#define SERVER_CERT_NAME "e:\\certificates\\server.pem"
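// Configures m_pLEADDicomNet1 for TLS with mandatory client-certificate
// verification, starts the network layer, loads the server certificate and
// reports the outcome in a message box.
//
// Unlike a plain "report and carry on" flow, this version stops as soon as the
// server certificate cannot be loaded, so the code that follows never uses
// hNet without a server identity in place.
void CDicomExamplesDlg::OnButton()
{
    CString csMsg;

    // Ask the control to apply the SSL* properties assigned below.
    m_pLEADDicomNet1->UseSSLOptions = TRUE;

    // Declare which SSL context settings this sample supplies.
    // NOTE(review): DICOM_SSL_CTX_CREATE_METHOD_TYPE is requested, yet no method
    // type is assigned in this function, so whatever value the object currently
    // holds is used -- set it explicitly if the default is not what you want.
    m_pLEADDicomNet1->SSLCreateFlags = (enum DicomSSLCreateFlags)(
        DICOM_SSL_CTX_CREATE_CAFILE |
        DICOM_SSL_CTX_CREATE_METHOD_TYPE |
        DICOM_SSL_CTX_CREATE_OPTIONS |
        DICOM_SSL_CTX_CREATE_VERIFY_DEPTH |
        DICOM_SSL_CTX_CREATE_VERIFY_MODE);

    // Trust anchor used to validate the certificate a client presents.
    m_pLEADDicomNet1->SSLCAFile = CA_CERT_NAME;

    // Demand a client certificate and reject the handshake when none is sent.
    // Dropping DICOM_SSL_VERIFY_FAIL_IF_NO_PEER_CERT would let unauthenticated
    // clients through, so keep both flags together.
    m_pLEADDicomNet1->SSLVerifyMode = (enum DicomSSLVerifyMode)(
        DICOM_SSL_VERIFY_PEER | DICOM_SSL_VERIFY_FAIL_IF_NO_PEER_CERT);

    // Accept client chains no deeper than 2.
    m_pLEADDicomNet1->SSLVerifyDepth = 2;

    // Only SSLv2 is excluded here.
    // NOTE(review): SSLv3 therefore stays negotiable; it is a deprecated
    // protocol, so add the DicomSSLOptions value that disables it unless a
    // legacy peer requires it. DICOM_SSL_OP_ALL presumably turns on the
    // library's interoperability workarounds -- confirm against the toolkit docs.
    m_pLEADDicomNet1->SSLOptions = (enum DicomSSLOptions)(
        DICOM_SSL_OP_NO_SSLv2 | DICOM_SSL_OP_ALL);

    m_pLEADDicomNet1->NetworkSecurityMode = DICOM_SECURE_TLS;

    // NOTE(review): the outcome of StartUp is not inspected in this sample;
    // confirm how it reports failure and check it in production code.
    m_pLEADDicomNet1->StartUp ();

    // The same PEM file is given for both file arguments because it carries
    // the certificate and the password-encrypted private key; the password is
    // requested through the OnSSLPrivateKeyPassword event.
    const int nRet = m_pLEADDicomNet1->SetServerCertificateTLS (
        m_pLEADDicomNet1->hNet, SERVER_CERT_NAME, L_TLS_FILETYPE_PEM, SERVER_CERT_NAME);

    if (nRet != 0)
    {
        csMsg.Format("%s could not be loaded successfully -- error %d", SERVER_CERT_NAME, nRet);
        AfxMessageBox(csMsg);
        // Fail closed: do not go on to use hNet without a server certificate.
        return;
    }

    csMsg.Format("%s loaded successfully", SERVER_CERT_NAME);
    AfxMessageBox(csMsg);

    //
    // Use the hNet
    //
}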
// Event handler that hands the private-key password to the ILEADDicomNet
// object owned by the dialog. hNet and nStatus are not used by this sample.
void CDicomNetSink::OnSSLPrivateKeyPassword(long hNet, long nStatus)
{
    // Sample placeholder only: a literal in source ends up in the binary and
    // in version control. Real deployments should obtain the password at run
    // time from a protected store or an operator prompt, and use a strong one.
    const char* const pszKeyPassword = "test";

    m_pDlg->m_pLEADDicomNet1->SSLPrivateKeyPassword = pszKeyPassword;
}