<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns:MadCap="http://www.madcapsoftware.com/Schemas/MadCap.xsd" MadCap:lastBlockDepth="2" MadCap:lastHeight="120" MadCap:lastWidth="624" MadCap:disableMasterStylesheet="true" MadCap:tocPath="Client-Server" MadCap:InPreviewMode="false" MadCap:RuntimeFileType="Topic" MadCap:TargetType="WebHelp" MadCap:PathToHelpSystem="../../../" MadCap:HelpSystemFileName="index.xml" MadCap:SearchType="Stem"> <head><title>Using SSL For Client-Server Communication </title> <script type="text/javascript">/* <![CDATA[ */ window.onload = function(){ var pathToFlash = $('html').attr('MadCap:PathToHelpSystem') + 'Content/Resources/Code/ZeroClipboard.swf'; ZeroClipboard.setMoviePath(pathToFlash); function bindToClipBord(element,content){ var clip = new ZeroClipboard.Client(); clip.setText(content); clip.glue(element); }; if(location.protocol==='file:'){ $('.copylink-marker').remove(); } else{ $('.copylink-marker').each(function(){ var text = $(this).parent().parent().children('.prettyprint').html(); $(this).hover(function(){ bindToClipBord(this,text); }, function(){}); }); } prettyPrint(); }; /* ]]> */</script> <link href="../../SkinSupport/MadCap.css" rel="stylesheet" /> <link href="../../Resources/Stylesheets/OnlineStyle.css" rel="stylesheet" /> <script src="../../Resources/Code/prettify.js"> </script> <script src="../../Resources/Code/lang-vb.js"> </script> <script src="../../Resources/Code/jquery.min.js"> </script> <script src="../../Resources/Code/ZeroClipboard.js"> </script> <script src="../../SkinSupport/MadCapAll.js" type="text/javascript"> </script> </head> <body> <p class="MCWebHelpFramesetLink" style="display: none;"><a href="../../../index_CSH.html#client-server/pluggable_sockets/using_ssl_for_client-server_communication.htm" style="">Open topic with navigation</a> </p> <div class="MCBreadcrumbsBox"><span class="MCBreadcrumbsPrefix">You are here: </span><a class="MCBreadcrumbsLink" href="../../client-server.htm">Client-Server</a><span class="MCBreadcrumbsDivider"> > </span><span class="MCBreadcrumbs">Using SSL For Client-Server Communication</span> </div> <p> <script type="text/javascript">/*<![CDATA[*/document.write('<a href="' + location.href +'">'); document.write("Direct Link"); document.write('</a>');/*]]>*/</script> </p> <p> </p> <h1><a name="kanchor66"></a>Using SSL For Client-Server Communication</h1> <p>With the default settings db4o client-server communication is not encrypted and thus can potentially be a dangerous security hole. db4o supports SSL for client server communication. The implementation uses the <a href="../../configuration/networking/pluggable_sockets.htm">pluggable socket</a> to provide secure sockets. </p> <div MadCap:conditions="Primary..NET"> <p>The SSL communication uses the .NET security libraries to implement the secure communication. Currently only one way authentication is supported, where the server needs to have a valid certificate. Clients-certificates are currently not supported.</p> <p>On the server you need to add a the server SSL support. Additionally you need to specif the server certificate. This way you can choose from where you want to get the server-certificate. Take a look at the <a href="http://msdn.microsoft.com/en-us/library/system.net.security.aspx">.NET documentation for a more details</a>.</p> <div class="codesnippet" MadCap:conditions="Primary.c#"> <pre class="prettyprint" xml:space="preserve">IServerConfiguration configuration = Db4oClientServer.NewServerConfiguration(); // For the server you need a certificate. For example using a certificate from a file X509Certificate2 certificate = new X509Certificate2("cert.cer"); configuration.AddConfigurationItem(new ServerSslSupport(certificate));</pre> <div class="codesnippet-meta">SSLExample.cs: Add SSL-support to the server <div class="codedownload"><a href="../../CodeExamples/clientserver/ssl/Example-clientserver-ssl-csharp.zip" class="codedownload" MadCap:conditions="Primary.Online">Download Code</a></div><div class="codedownload copylink-marker" MadCap:conditions="Primary.Online"><a href="#copy">Copy Code</a></div></div> </div> <div class="codesnippet" MadCap:conditions="Primary.VB.NET"> <pre class="prettyprint lang-vb" MadCap:conditions="Primary.Online" xml:space="preserve">Dim configuration As IServerConfiguration = Db4oClientServer.NewServerConfiguration() ' For the server you need a certificate. For example using a certificate from a file Dim certificate As New X509Certificate2("cert.cer") configuration.AddConfigurationItem(New ServerSslSupport(certificate))</pre> <div class="codesnippet-meta">SSLExample.vb: Add SSL-support to the server <div class="codedownload"><a href="../../CodeExamples/clientserver/ssl/Example-clientserver-ssl-vb.zip" class="codedownload" MadCap:conditions="Primary.Online">Download Code</a></div><div class="codedownload copylink-marker" MadCap:conditions="Primary.Online"><a href="#copy">Copy Code</a></div></div> </div> <p>On the client you need to use the client SSL support. Add a callback for additional certificate verification.</p> <div class="codesnippet" MadCap:conditions="Primary.c#"> <pre class="prettyprint" xml:space="preserve">IClientConfiguration configuration = Db4oClientServer.NewClientConfiguration(); configuration.AddConfigurationItem(new ClientSslSupport(CheckCertificate));</pre> <div class="codesnippet-meta">SSLExample.cs: Add SSL-support to the client <div class="codedownload"><a href="../../CodeExamples/clientserver/ssl/Example-clientserver-ssl-csharp.zip" class="codedownload" MadCap:conditions="Primary.Online">Download Code</a></div><div class="codedownload copylink-marker" MadCap:conditions="Primary.Online"><a href="#copy">Copy Code</a></div></div> </div> <div class="codesnippet" MadCap:conditions="Primary.VB.NET"> <pre class="prettyprint lang-vb" MadCap:conditions="Primary.Online" xml:space="preserve">Dim configuration As IClientConfiguration = Db4oClientServer.NewClientConfiguration() configuration.AddConfigurationItem(New ClientSslSupport(AddressOf CheckCertificate))</pre> <div class="codesnippet-meta">SSLExample.vb: Add SSL-support to the client <div class="codedownload"><a href="../../CodeExamples/clientserver/ssl/Example-clientserver-ssl-vb.zip" class="codedownload" MadCap:conditions="Primary.Online">Download Code</a></div><div class="codedownload copylink-marker" MadCap:conditions="Primary.Online"><a href="#copy">Copy Code</a></div></div> </div> <div class="codesnippet" MadCap:conditions="Primary.c#"> <pre class="prettyprint" xml:space="preserve">private static bool CheckCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslpolicyerrors) { // here you can check the certificates of the server and accept it if it's ok.) return true; }</pre> <div class="codesnippet-meta">SSLExample.cs: callback for validating the certificate <div class="codedownload"><a href="../../CodeExamples/clientserver/ssl/Example-clientserver-ssl-csharp.zip" class="codedownload" MadCap:conditions="Primary.Online">Download Code</a></div><div class="codedownload copylink-marker" MadCap:conditions="Primary.Online"><a href="#copy">Copy Code</a></div></div> </div> <div class="codesnippet" MadCap:conditions="Primary.VB.NET"> <pre class="prettyprint lang-vb" MadCap:conditions="Primary.Online" xml:space="preserve">Private Shared Function CheckCertificate(ByVal sender As Object, ByVal certificate As X509Certificate, ByVal chain As X509Chain, ByVal sslpolicyerrors As SslPolicyErrors) As Boolean ' here you can check the certificates of the server and accept it if it's ok. Return True End Function</pre> <div class="codesnippet-meta">SSLExample.vb: callback for validating the certificate <div class="codedownload"><a href="../../CodeExamples/clientserver/ssl/Example-clientserver-ssl-vb.zip" class="codedownload" MadCap:conditions="Primary.Online">Download Code</a></div><div class="codedownload copylink-marker" MadCap:conditions="Primary.Online"><a href="#copy">Copy Code</a></div></div> </div> </div> <script type="text/javascript" src="../../SkinSupport/MadCapBodyEnd.js"> </script> </body> </html>