Back to product page

Secure property


Determines if SSL/TLS communication is used.

Type

A SecureProtocols enumeration

Syntax

  • Basic
object.Secure [= value]
The Secure(object,value) syntax has these parts:
objectAn expression evaluating to an object of type wodHttpDLX.
valueA SecureProtocols enumeration, as described in settings.

Remarks

The settings for value are:

Constant Value Description
ProtNoSSL0 Not using SSL.
ProtAll 1 TLS1/SSL3/SSL2
ProtSSL23 2 SSL3/SSL2
ProtTLS13 TLS1
ProtSSL3 4 SSL3
ProtSSL2 5 SSL2
ProtTLS10 6 TLS1.0
ProtTLS11 7 TLS1.1
ProtTLS12 8 TLS1.2


wodHttpDLX internally supports secure communication (SSL). Principe of such communication is that both client and server have their private and public keys. They export their public keys to each other, and any data that is sent from one side to another is encrypted using those keys. Since ONLY other side is able to decrypt data (with private key), such transmission is pretty secure, because is someone is logging information that is sent from one side to another is unable to decrypt it by himself (at least not is some reasonable amount of time).

To activate this engine on wodHttpDLX, it is sufficient just to set Secure property to any of supported security algorithms, specified in SecureProtocols enum, prior to opening new connection. Secure connections are usually slower, for few reasons. First, upon initial connection few handshaking packets are send from both sides, and negotiation is taking place. After both sides successfully accept other side, each packet before is transmitted to other side is encrypted. Such packets are larger than initial ones.

Even it is sufficient for your application to set this property to make it 'SSL-able', please consider other properties that might be useful. If you're planning to authenticate to the server with the client certificate, you must obtain one such certificate and provide it to Certificate property. Well known authority that provides certificates is Verisign (www.verisign.com). Read their FAQ-s about more information how to make and use certificates. For client side, in most cases you don't need certificate, except you're connecting to server that explicitly requires it.

Using this property you can specify which secure protocols are used. Although TLS1 is de-facto standard today, you will notice that some Microsoft server's don't support it properly. For example, if you open your Internet Explorer, and go to 'Advanced' options, you will see TLS is not even enabled. For this purpose, we also suggest you use ProtSSL23 constant as 'default' SSL value.

Platforms

Windows