SSLVerifyMode property (ILEADDicomNet)
DicomSSLVerifyMode SSLVerifyMode | |
Overview |
Remarks
(Medical Imaging Suite only) Used to set the SSL verification mode used for security verification. The default value is L_SSL_VERIFY_NONE. Values may be combined using the bitwise OR ( | ) operator. Possible values are:
Value |
Meaning |
DICOM_SSL_VERIFY_NONE |
[0x00] Server Mode: no request for a certificate is sent to the client, and the client should not send a certificate. |
|
Client Mode: If the server sends a certificate, it will be verified, but failure will not terminate communication. This flag should not be used in conjunction with any other flag. |
DICOM_SSL_VERIFY_PEER |
[0x01]Server mode: a request for a certificate is send to the client. The client can ignore the request, but if the client does send a certificate, it will be verified. If verification fails, communication is terminated. |
|
Client mode: if the server sends a certificate, it is verified. If verification fails, communication is terminated. |
DICOM_SSL_VERIFY_FAIL_IF_NO_PEER_CERT |
[0x02] Server Mode: If the client does not send a certificate, or if a certificate is sent that fails verification, then communication is terminated. This flag must be combined with DICOM_SSL_VERIFY_PEER. |
|
Client mode: This flag is ignored. |
DICOM_SSL_VERIFY_CLIENT_ONCE |
[0x04] Server Mode: During initial negotiation a certificate is requested from the client. During renegotiation, no certificates are requested. This flag must be used with DICOM_SSL_VERIFY_PEER. |
|
Client Mode: This flag is ignored. |
Use the following procedure to change the default security options:
1. |
Set the UseSSLOptions property to VARIANT_TRUE. |
2. |
Set the NetworkSecurityMode property to DICOM_SECURE_TLS. |
3. |
Set any or all of the following properties. |
SSLVerifyMode property
4. |
Set the SSLCreateFlags property to have the flags that correspond to the properties that were set in step 3. |
5. |
Call the StartUp method. |
Note that the properties in steps 1, 2, 3, and 4 must be set before calling the StartUp method, and that the NetworkSecurityMode property must be set to DICOM_SECURE_TLS. If the NetworkSecurityMode property is not DICOM_SECURE_TLS, then the SSL properties are ignored.
See Also