Use client authentication in client software
Use client authentication in client software
There are several ways for client software using ISAM and CTDB APIs to use a client certificate to authenticate with a FairCom server.
Client software can use the ISAM function
InitISAMX()
with theUSERPRF_X509
bit set in theuserprof
argument to indicate theuserword
argument is a null-terminated client certificate.Client software can use the following code to register a client certificate for authenticating with a FairCom server:
ctSetCommProtocolOption(ctCOMMOPT_FSSLTCP_CLIENT_CERTIFICATE,"my_client_cert.pem");
Note
When you register a client certificate, the
InitISAMX()
function ignores theuserprof
anduserword
arguments.If the private key embedded in the client certificate is encrypted, use the following code to regiser a private key password to decrypt an encrypted private key.
ctSetCommProtocolOption(ctCOMMOPT_FSSLTCP_CLIENT_PASSPHRASE,"my_client_cert.pem");
Note
Before client software can use client certificate authentication, you must enable this feature on a FairCom server.