Type: Integer
Returns the SSL key size that the browser supports; only available if the user is connected through an active SSL connection. For example, 40, 56, or 128. Note: Detection of this capability is not available on all web servers and platforms.
There are two approaches in BrowserHawk you can choose from when testing for the SSL key size. Each has its advantages.
Approach 1:
The first approach is to use the BrowserObj class SSLKeySize property directly from a page being accessed via HTTPS. The advantage to this approach is that you get instant server-side detection without having to do a round-trip, as in the case with extended property checks and the ExtendedBrowserObj SSLKeySize property. The disadvantage is that you can only detect the key size one the page is accessed via HTTPS. This means you must engage the browser in an HTTPS connection to check the key size.
To use this approach, you simply check this property from an HTTPS page. For example:
<%
BrowserObj browObj = BrowserObj.GetBrowser();
if (browObj.SSLActive == false) {
Response.Write("This test must be performed from an HTTPS page.");
Response.End();
}
else {
if (browObj.SSLKeySize < 128) {
Response.Redirect("abc.asp");
}
}
%>
<html>secure content goes here</html>
With the above approach, this code must be used with a page access via HTTPS. Otherwise the SSLKeySize property will always be 0 regardless of the real key size.
All Editions of BrowserHawk support the above approach.
Approach 2:
The alternative approach is to check the key size using an extended property check. With this approach, a transparent background HTTPS request is made from the test page to another web server instance (either another instance of a web site running on that same server or a different server) to retrieve the key size information.
The advantage to this approach is that you can check the key size from a standard HTTP page, before you send the visitor to an HTTPS page. The disadvantage of this approach is that you need to create a Port Check Server instance on your server (or set up a separate server) to perform the test, the test is not instant as with Approach 1, and there is a rare possibility that a communication issue (between the browser and test server) could prevent you from obtaining the key size. Still, many developers feel that being able to detect the key size without first sending the browser to an HTTPS page outweighs the disadvantages to this approach.
For more information on Approach 2 see the ExtendedBrowserObj class SSLKeySize property.