Edytuj

Udostępnij za pośrednictwem


TlsOptions Class

Definition

Settings for how TLS connections are handled.

public class TlsOptions
type TlsOptions = class
Public Class TlsOptions
Inheritance
TlsOptions

Constructors

TlsOptions()

Properties

CheckCertificateRevocation

Specifies whether the certificate revocation list is checked during authentication.

ClientCertificateMode

Specifies the client authentication certificate requirements for a TLS connection to Silo. Defaults to AllowCertificate.

HandshakeTimeout

Specifies the maximum amount of time allowed for the TLS/SSL handshake. This must be positive and finite.

LocalCertificate

Specifies the local certificate used to authenticate TLS connections. This is ignored on server if LocalCertificateSelector is set.

To omit client authentication set to null on client and set RemoteCertificateMode to AllowCertificate or NoCertificate on server.

If the certificate has an Extended Key Usage extension, the usages must include Server Authentication (OID 1.3.6.1.5.5.7.3.1) for server and Client Authentication (OID 1.3.6.1.5.5.7.3.2) for client.

LocalClientCertificateSelector

A callback that will be invoked to dynamically select a local client certificate. This is higher priority than LocalCertificate.

If the certificate has an Extended Key Usage extension, the usages must include Client Authentication (OID 1.3.6.1.5.5.7.3.2).

LocalServerCertificateSelector

A callback that will be invoked to dynamically select a local server certificate. This is higher priority than LocalCertificate. If SNI is not available then the name parameter will be null.

If the certificate has an Extended Key Usage extension, the usages must include Server Authentication (OID 1.3.6.1.5.5.7.3.1).

OnAuthenticateAsClient

Provides direct configuration of the TlsClientAuthenticationOptions on a per-connection basis. This is called after all of the other settings have already been applied.

OnAuthenticateAsServer

Provides direct configuration of the TlsServerAuthenticationOptions on a per-connection basis. This is called after all of the other settings have already been applied.

RemoteCertificateMode

Specifies the remote endpoint certificate requirements for a TLS connection. Defaults to RequireCertificate.

RemoteCertificateValidation

Specifies a callback for additional remote certificate validation that will be invoked during authentication. This will be ignored if AllowAnyRemoteCertificate() is called after this callback is set.

SslProtocols

Specifies allowable SSL protocols. Defaults to Tls13 and Tls12.

Methods

AllowAnyRemoteCertificate()

Overrides the current RemoteCertificateValidation callback and allows any client certificate.

Applies to