Type: Integer
Returns the SSL key size that the browser supports; only available if the user is connected through an active SSL connection. For example, 40, 56, or 128. Note: Detection of this capability is not available on all web servers and platforms.
There are two approaches in BrowserHawk you can choose from when testing for the SSL key size. Each has its advantages.
Approach 1:
The first approach is to use the SSLKeySize property directly from a page being accessed via HTTPS. The advantage to this approach is that you get instant server-side detection without having to do a round-trip, as in the case with extended property checks. The disadvantage is that you can only detect the key size one the page is accessed via HTTPS. This means you must engage the browser in an HTTPS connection to check the key size.
To use this approach, you simply check this property from an HTTPS page. For example:
<% set bhObj = Server.CreateObject("cyScape.browserObj")
if bhObj.SSLKeySize < 128 then
response.redirect "/notallowed.asp"
end if
<html>secure content goes here</html>
With the above approach, this code must be used with a page access via HTTPS. Otherwise the SSLKeySize property will always be 0 regardless of the real key size.
All Editions of BrowserHawk support the above approach.
Approach 2:
The alternative approach is to check the key size using an extended property check. This approach was introduced starting with BrowserHawk 6.0. With this approach, a transparent background HTTPS request is made from the test page to another web server instance (either another instance of a web site running on that same server or a different server) to retrieve the key size information.
The advantage to this approach is that you can check the key size from a standard HTTP page, before you send the visitor to an HTTPS page. The disadvantage of this approach is that you need to create a Port Check Server instance on your server (or set up a separate server) to perform the test, the test is not instant as with Approach 1, and there is a rare possibility that a communication issue (between the browser and test server) could prevent you from obtaining the key size. Still, many developers feel that being able to detect the key size without first sending the browser to an HTTPS page outweighs the disadvantages to this approach.
To use this approach, you can use the follow code from any web page (accessed via HTTP or HTTPS). For example:
<% set bhObj = Server.CreateObject("cyScape.browserObj")
bhObj.SetExtProperties "SSLKeySize"
bhObj.GetExtPropertiesEx
if bhObj.SSLKeySize < 128 then
response.redirect "/notallowed.asp"
end if
<html>secure content goes here</html>
Note: Detection of the SSL key size using Approach 2 requires the Enterprise Edition of BrowserHawk. Approach 1 is available in all Editions.
Note: Use of Approach 2 in production environments requires the setup of a Port Check Server. Also be sure to set the value of this server in the SSLCheckURL property. Use of Approach 1 does not require any such setup.