SSLVerifyMode property (ILEADDicomNet)

VB.NET example

C# example

Visual Basic example

Visual C++ 6.0 example

 

Syntax

DicomSSLVerifyMode SSLVerifyMode

Overview

Refer to Working with DICOM Network Connections

Remarks

(Medical Imaging Suite only) Used to set the SSL verification mode used for security verification. The default value is L_SSL_VERIFY_NONE. Values may be combined using the bitwise OR ( | ) operator. Possible values are:

Value

Meaning

DICOM_SSL_VERIFY_NONE

[0x00] Server Mode: no request for a certificate is sent to the client, and the client should not send a certificate.

 

Client Mode: If the server sends a certificate, it will be verified, but failure will not terminate communication. This flag should not be used in conjunction with any other flag.

DICOM_SSL_VERIFY_PEER

[0x01]Server mode: a request for a certificate is send to the client. The client can ignore the request, but if the client does send a certificate, it will be verified. If verification fails, communication is terminated.

 

Client mode: if the server sends a certificate, it is verified. If verification fails, communication is terminated.

DICOM_SSL_VERIFY_FAIL_IF_NO_PEER_CERT

[0x02] Server Mode: If the client does not send a certificate, or if a certificate is sent that fails verification, then communication is terminated. This flag must be combined with DICOM_SSL_VERIFY_PEER.

 

Client mode: This flag is ignored.

DICOM_SSL_VERIFY_CLIENT_ONCE

[0x04] Server Mode: During initial negotiation a certificate is requested from the client. During renegotiation, no certificates are requested. This flag must be used with DICOM_SSL_VERIFY_PEER.

 

Client Mode: This flag is ignored.

Use the following procedure to change the default security options:

1.

Set the UseSSLOptions property to VARIANT_TRUE.

2.

Set the NetworkSecurityMode property to DICOM_SECURE_TLS.

3.

Set any or all of the following properties.

SSLMethodType property

SSLVerifyMode property

SSLOptions property

SSLCAFile property

SSLVerifyDepth property

4.

Set the SSLCreateFlags property to have the flags that correspond to the properties that were set in step 3.

5.

Call the StartUp method.

Note that the properties in steps 1, 2, 3, and 4 must be set before calling the StartUp method, and that the NetworkSecurityMode property must be set to DICOM_SECURE_TLS. If the NetworkSecurityMode property is not DICOM_SECURE_TLS, then the SSL properties are ignored.

See Also

Elements:

StartUp method,UseSSLOptions property, SSLCreateFlags property, SSLMethodType property, SSLOptions property, SSLCAFile property, SSLVerifyDepth property, NetworkSecurityMode property

Topics:

DICOM Network Connection:Creating a Network Connection

 

DICOM Security: Working with TLS

 

Adding TLS Secuirty to a DICOM Connection