Jump to content

MikeMon

Members
 View Profile  See their activity

  • Content Count

    147

  • Joined

  • Last visited

  • Days Won

    1

Posts posted by MikeMon

  1. Posted

    Just now, Lars Fosdal said:

    Leading question - so.... what would you check next, Mike?

    That's the million dollar question 🙂 

     

    I guess the current encoding used in the IBX controls is causing the exception, or maybe the new encoding model in Delphi 12.x. Need to investigate when I have time.

     

    Currently, for Windows XP / 2003 Server computers, I'm using the software compiled with Delphi 11.3.

  4. Posted

    10 minutes ago, Virgo said:

    I thought, that IBX probably tries to load driver dll on unit initialization. And actually, with IBX driver file is probably gds32.dll. But if it is compiler dependent, then it is probably not dll compatibility thing. But I would still check initialization sections of IBX.

    You don’t need to have any drivers to add the unit to the uses clause.

  7. Posted

    I have a problem with my application crashing on Windows XP / Windows Server 2003. It wouldn't even give any exceptions. After troubleshooting, I found out that the issue is caused by IBX. Just adding an IBX unit, e.g., IBSQL, to the uses clause of an empty application causes the crash. I'm not sure after which Delphi upgrade this started, but I think it was after upgrading to 12.1 or 12.2.

     

    Has anyone come across this? If yes, any solution or workaround? 

  8. Posted

    After updating FastReport VCL to a newer version (2024), my application stopped loading on windows XP and Windows Server 2003. The exception I'm getting is: 

    The procedure entry point CryptRetrieveTimeStamp could not be located in the dynamic link library crypt32.dll

    I know that Windows XP and Windows Server 2003 are no longer supported by Microsoft, but I have clients that still use them.

     

    Has anybody come accross this and found a solution?

  10. Posted

    1 hour ago, DelphiUdIT said:

    What is the target of your application ?

    I’ve been using an RSA SSL certificate until now for my API server. However a new client is asking to use ECDH ciphers

    to connect to it. So, I’ve created an ECDH SSL certificate to make it happen. Haven’t had luck making it work yet!! FYI, the new certificate is loading fine.

  11. Posted

    25 minutes ago, DelphiUdIT said:

    This is available on OpenSSL 1.0.2u, the last SSL available that works on Indy bundle with Rad Studio.

    You are using SSLv3 this is deprecated and should not be used. YOU MUST USE TLSv1.2.

    Set IOHandler to use TLSv1.2 (in the options): 

    
SSLVersion := [sslvTLSv1_2]

     

    Actually I AM using sslvTLSv1_2.

  12. Posted

    1 hour ago, DelphiUdIT said:

    In Indy, the valid chipers type accepted by a server connection is setting through the TIdSSLOpenIOHnadlerServer.Options.ChiperList property, for example:

      

    
//For TLSv1.2 handshake
CipherList := '!EXPORT:!LOW:!aNULL:!eNULL:!RC4:!ADK:!3DES:!DES:!MD5:!PSK:!SRP:!CAMELLIA'+
                      ':ECDHE-RSA-AES128-GCM-SHA256'+
                      ':ECDHE-RSA-AES256-GCM-SHA384'+
                      ':ECDHE-RSA-CHACHA20-POLY1305'+
                      ':ECDHE-ARIA256-GCM-SHA384'+
                      ':ECDHE-ARIA128-GCM-SHA256'+
                      //Weak but used in old products
                      ':ECDHE-RSA-AES256-SHA384';

    Search in the property of DataSnap components for IOSSLHandler and set this property. This is correlated to "certifcate file" and "certificate private key" (CertFIle and CertKey property of the Handler).

     

    I'm using TIdServerIOHandlerSSLOpenSSL and have tried using the CipherList above. It doesn't work. I get the following message:

     

    Error: 1053760: error:10000410:SSL routines: OPENSSL_internal: SSLV3_ALERT_HANDSHAKE_FAILURE:..\..\..\..\src\third_party\boringssl\src\ssl\tls_record.cc:592:SSL alert number 40

  14. Posted

    7 hours ago, esegece said:

    Hello,

     

    The sgcWebSockets library, which I'm the developer, has a component to replace the Indy Datasnap Server and add support for other protocols like websocket and use the latest TLS 1.3 version. You can download the trial for Delphi 12 from:

     

    https://www.esegece.com/download/sgcWebSockets_D12.zip

     

    In the trial, there is a demo in the folder "..sgcWebSockets\Demos\40.DataSnap\Server_Indy_HTTP" that shows how works. The Datasnap server is replaced by TsgcWSHTTPWebBrokerBridgeServer and all the methods and functions are the same.

    If you prefer, you can download the compiled sample from:

     

    https://www.esegece.com/download/samples/sgcDatasnap.zip

     

    When running the sample check the ssl, select openssl 3.0 and TLS1.3. It uses a self-signed certificate, so when clicking the "Open Datasnap" button, the browser will show a warning that the certificate can not be verified, just accept it.

    More info:

     

    https://www.esegece.com/websockets

     

    Kind Regards,

    Sergio

    Tx. I'll check it out.

     

    1 hour ago, Remy Lebeau said:

    There are a few 3rd party GitHub repos that add OpenSSL 3.x/TLS 1.3 to Indy (sorry, I don't have the links on-hand at the moment, I'll add them here in a bit). 

     

     

    Tx!!

  15. Posted

    Hi

     

    I'm using Delphi 12.2 Patch 2.

     

    I've set up a REST Datasnap server that uses HTTPS. Using Indy (installed during Delphi installation), it works fine for RSA certificates. 

     

    Any guide on how I can set it up to accept ECDH instead of (or in parallel to) RSA ciphers?

     

    Moreover, are there any alternatives to Indy that use TLS1.3? BTW, I updated Indy to the latest version following the update instructions, but it messed up my Datasnap server. I had to uninstall and reinstall Delphi. 😞 

     

  16. Posted

    Hi

     

    Installing the latest Indy following the instructions above (including the patch) messed up my Datasnap REST setup. I'm getting the following error:

     

    [dcc32 Fatal Error] APIWebModuleUnit.pas(13): F2051 Unit IPPeerCommon was compiled with a different version of IdCoderMIME.TIdEncoderMIME.

     

    Any ideas?

  23. Posted

    What's the procedure to upload a new app version to Google play if you have changed the keystore file?

    When I'm uploading the new private key I created during the "opt in" procedure in the "App Integrity" screen of Google Play Console, I'm getting the following exception:

    "The private key does not match the certificate we know for this app".

     

    Basically, how can I update the certificate?

  24. Posted

    6 minutes ago, Rollo62 said:

    There were two passwords, for the keystore and the Alias.

    Are you sure both of them were correct ?

    Yes. The 32-bit version is working fine. I even checked the "check passwords" and it's fine. The thing is I haven't even assigned anything on the 64-bit. The minute I choose the 54-bit bit, I'm getting the error.

    BTW, when I go to Tools->Options->Deployment->Provisioning and assign it there, it's working fine for both 32 and 64. Is it enough?

  25. Posted

    Hi

     

    I'm using Delphi 11 and I have this strange issue.

     

    Under provisioning, assigning a keystore file and alias for Android 32-bit is working perfectly fine. When I go to Android 64-bit, I'm immediately getting the following error:

      

    keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect.

    The thing is that there is nothing yet assigned in the 64-bit provisioning key store and I'm getting the error.

    Has anyone come across anything like this?

×