secure socket

Typecommand
DictionaryLCS
LibraryLiveCode Script
Syntax
secure socket <socket> [without verification]
secure socket <socket> [with verification [for host <verificationHostName>]]
Associationsssl & encryption
Summary

Secures an open socket.

Introduced6.6
OSmac, windows, linux, ios, android
Platformsdesktop, mobile
Parameters
NameTypeDescription
socket

A reference to an open socket.

verificationHostName

The IP address or domain name of the host you want to verify against.

Example
secure socket "livecode.com:443"
open socket to "127.0.0.0:8080"
write "unencrypted message" to socket "127.0.0.0:8080"
secure socket "127.0.0.0:8080"
write "encrypted message" to socket "127.0.0.0:8080"
secure socket mySocket with verification for host "livecode.com"
RelatedProperty: sslCertificates
Message: socketError
Command: open socket
Glossary: Standalone Application Settings, command, LiveCode custom library, standalone application, message, property
Library: SSL & Encryption library
Securitynetwork
Description

Use the secure socket command to secure an open socket.

If 'with verification' is specified, when connecting to a remote peer, the client verifies the peers certificate during the handshake process. The sslCertificates property can be used to specify a list of certificates to verify against. In addition you can place system wide certificates in System/Library/OpenSSL/certs. If a verificationhostname is specified, the socket will be verified against that verificationhostname. An example of this is when you want to create a secure connection with a host while tunnelling through a proxy. Specifying the final host allows LiveCode to verify the socket against that host, rather than the proxy server.

If 'without verification' is specified then peers credentials are not authenticated, and any connection is accepted.

Once secured:

  • All pending and future reads from the socket will be assumed to be encrypted.
  • All pending writes will complete unencrypted. All future writes will be encrypted.

If the socket fails secure, a socketError message is sent to the object that opened the socket (not the object that attempted to secure it).

Important: The secure socket command is part of the SSL & Encryption library. To ensure that the command works in a standalone application, you must include this custom library when you create your standalone. In the Inclusions pane of the Standalone Application Settings window, make sure the "SSL & Encryption" library checkbox is checked.

Tagsfile system