HandshakeCompleteEventArgs Class
Namespace: System.Net.Security
Assembly: System.Net.Primitives (in System.Net.Primitives.dll)
public sealed class HandshakeCompleteEventArgs : EventArgs
Remarks
The HandshakeComplete event is raised after the SSL/TLS handshake is successfully completed on an SslStream. This event provides information about the negotiated cipher suite and the client's certificate, if any.
It is crucial to handle this event to validate the server's certificate or to obtain information about the established security context. For instance, you might use the properties of this event data to log the negotiated security details or to perform further authorization checks based on the client's certificate.
This event is typically raised on a background thread if asynchronous operations are involved in the handshake.
Fields
None.
Properties
| Name | Description |
|---|---|
ClientCertificate |
Gets the client's certificate if requested and provided during the handshake. Returns null if no client certificate was provided. |
CipherSuite |
Gets the negotiated cipher suite used for the SSL/TLS connection. |
IsAuthenticated |
Gets a value indicating whether the client and server successfully authenticated each other. |
Protocol |
Gets the SSL/TLS protocol version used for the connection. |
Constructors
None (This class is instantiated by the system).
Methods
None.
Inherited Members
This class inherits members from the System.EventArgs class.
Requirements
- Client: Supports Windows 7, Windows 8, Windows 10, Windows 11, Xbox One, Xbox Series X|S
- Server: Supports Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, Windows Server 2022
- Universal Windows Platform (UWP): Supported
- .NET Framework: Supported in versions 4.5 and later.
- .NET Standard: Supported in version 2.0 and later.
- .NET Core: Supported in versions 1.0 and later.
See Also
Example
The following example shows how to subscribe to the HandshakeComplete event and access the event arguments.
using System;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;
public class SslExample
{
public static async Task RunClientAsync(string host, int port)
{
using (var client = new TcpClient(host, port))
using (var sslStream = new SslStream(client.GetStream(), false, ValidateServerCertificate, null))
{
sslStream.HandshakeCompleted += SslStream_HandshakeCompleted;
try
{
await sslStream.AuthenticateAsClientAsync(host);
Console.WriteLine("SSL handshake successful.");
// ... perform communication ...
}
catch (Exception ex)
{
Console.WriteLine($"SSL handshake failed: {ex.Message}");
}
}
}
private static bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
if (sslPolicyErrors == SslPolicyErrors.None)
{
return true;
}
Console.WriteLine($"Certificate error: {sslPolicyErrors}");
return false; // Do not continue if there are errors.
}
private static void SslStream_HandshakeCompleted(object sender, HandshakeCompleteEventArgs e)
{
Console.WriteLine("--- Handshake Completed ---");
Console.WriteLine($"Authenticated: {e.IsAuthenticated}");
Console.WriteLine($"Protocol: {e.Protocol}");
Console.WriteLine($"Cipher Suite: {e.CipherSuite}");
if (e.ClientCertificate != null)
{
Console.WriteLine($"Client Certificate Subject: {e.ClientCertificate.Subject}");
}
else
{
Console.WriteLine("No client certificate provided.");
}
Console.WriteLine("--------------------------");
}
// To run this example:
// You would need a server running on the specified host and port that supports SSL.
// For demonstration purposes, this is a client-side snippet.
// Example usage: await RunClientAsync("example.com", 443);
}