Returns information about the certificate used by the client computer during a Web connection with authentication by certificate.
// Checks whether the certificate is found and valid
IF MustBeAuthenticated = True THEN
IF CertificateClientInfo(certificateClientPresent) = False
OR CertificateClientInfo(certificateClientValid) = False THEN
// Check the rights of the user
// Displays in an edit control
// the serial number of the client certificate used
EDT_SerialNum = CertificateClientInfo(certificateClientSerialNumber)
// Retrieves the country of the client certificate used
EDT_CertificateClientCountry_Subject = CertificateClientInfo(certificateClientSubject, ...
<Result> = CertificateClientInfo(<Information> [, <Sub-information>])
<Information>: Integer constant
Requested informatioin about the client certificate:
|certificateClientIssuer||Identification of certificate issuer. You have the ability to extract part of the information by using the <Sub-information> parameter.|
Example of returned string: CERT_ISSUER=C=FR,S=NA,L=MONTPELLIER, O=PCSOFTQUAL,CN=caqual,Efirstname.lastname@example.org
|certificateClientPresent||Indicates whether a certificate was transmitted by the client computer (True) or not (False).|
|certificateClientSerialNumber||Serial number of certificate (hexadecimal string). Example: "00E48E2E3503C8317A"|
|certificateClientSubject||Identification of certificate. You have the ability to extract part of the information by using the <Sub-information> parameter.|
Example of returned string: CERT_SUBJECT=C=FR,S=NA,L=MONTPELLIER, O=PCSOFTQUAL,CN=twr4m.pcsoft.com,Eemail@example.com
|certificateClientValid||Indicates whether a client certificate is validated by the server (True) or not (False).|
<Sub-information>: Optional Integer constant
Allows you to extract a specific information (used with the certificateClientIssuer and certificateClientSubject constants only). The full information is not always available.
The following constants are accepted:
|certificateClientCountry||Country associated with the certificate.|
|Entire list of certificate characteristics. The returned value is a string whose components are separated by a comma. For example SSL_CLIENT_I_DN=,C=FR,ST=NA,L=MONTPELLIER, O=PCSOFTQUAL,CN=caqual,emailAddressfirstname.lastname@example.org|
The following constants are used to retrieve a single information.
|certificateClientLocality||Locality associated with the certificate.|
|certificateClientState||State where the certificate was created.|
There are two modes to authenticate clients to the web server:
- authentication by the Web server. In most cases, this type of authentication is based on the authentication as domain user or server user.
- authentication by certificate. In this case, the following checks are performed:
- Checking the presence of a certificate.
- Checking the validity of the certificate.
- Checking the authorizations of the user.
If your project uses pre-launched sessions, this function must not be used in the project initialization event. This function must be used in the "Initializing the project after connection to the site" event.