Jump to content

HeikoG

Members
  • Content Count

    4
  • Joined

  • Last visited

Everything posted by HeikoG

  1. Hello, I'm using ICS 8.68 with Delphi 2007, and the latest 32Bit OpenSSL DLLS from the Overbyte website (http://wiki.overbyte.eu/arch/openssl-3.0.2-win32.zip). I've written a short test program (Just a TSslHttpCli, TSslContext and TIcsLogger component on a form), using the default settings other than connecting them. I can access google without problem (https://www.google.com), but when I try to access the entry page of the german patent office (https://depatisnet.dpma.de/) I get an error message: SSL handshake failed - No error returned, State: SSLv3/TLS write client hello, connection closed unexpectedly I have attached the log file created. How can I proceed from here? How can I get more information about The error? I can reach this website using firefox, and it seems to use TLS 1.2 then. Internet Explorer on Windows 10 is unable to connect, even with TLS 1.3 enabled. Depatisnet.log
  2. HeikoG

    HTTPS problem

    Hello again, just for information, by now Depatisnet probably did notice that they have a problem, and did update their site once more. And now ICS works as expected, without any problem. Thanks again for your support. Heiko
  3. HeikoG

    HTTPS problem

    Hello Angus, sorry I have to bother you again. I did follow your suggestion and used ICS V8.68 with OpenSSL 1.1.1 (I did run tests with all versions I hav available here, 1.1.1f,g,h,k,l,m,n, all from the Overbyte website). But I still had no success connecting to https://depatisnet.dpma.de. Are there some other Options I need to set in the SslRestclient or SssContext, or did you get it to work with OpenSsl 1.1.1 and some other tool? Here ist the test procedure I did use, to make sure I did not oversee something when testing different property settings I now create all objects at runtime. I did check GLIBEAY_DLL_FileName to make sure that indeed the OpenSsl 1.1.1 dlls are used. Else I will have to wait if they fix their website, they did implement the ssl change only on march 30th. Thank you Heiko procedure TMainForm.GetPage(Url : string); // Problem with https://depatisnet.dpma.de/ var Logger : TIcsLogger; SSLContext: TSslContext; SslRest: TSslHttpRest; Data : TStringStream; S : string; DateTimstr : String; begin mmoPage.Lines.Clear; mmoLog.Lines.Clear; GSSLEAY_DLL_IgnoreNew := True; GSSLEAY_DLL_IgnoreOld := False; Logger := nil; SSLContext := nil; SslRest := nil; try Logger := TIcsLogger.Create(Self); SSLContext := TSSLContext.Create(Self); SslRest := TSslHttpRest.Create(Self); DateTimeToString(DateTimstr,'"-"yymmdd"-"hhnnss',Now); Logger.LogFileOption := lfoOverwrite; Logger.OnIcsLogEvent := Ilogger1IcsLogEvent; logger.LogFilename := ChangeFileExt(Application.ExeName,DateTimstr + '.log'); logger.LogOptions := [loDestEvent, loDestFile, loDestOutDebug, loAddStamp, loWsockErr, loWsockInfo, loWsockDump, loSslErr, loSslInfo, loSslDevel, loSslDump, loProtSpecErr, loProtSpecInfo, loProtSpecDump]; SSLContext.IcsLogger := Logger; SSLContext.SSLOptions2 := [sslOpt2_ALLOW_UNSAFE_LEGACY_RENEGOTIATION]; SslRest.SslContext := SSLContext; SslRest.IcsLogger := Logger; SslRest.DebugLevel := DebugSslLow; try Data := TStringStream.Create(''); try SslRest.Agent := 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Edg/99.0.1150.36'; // Edge SslRest.RcvdStream := Data; SslRest.Url := Url; SslRest.Get; S := Data.DataString; mmoPage.Text := S; mmoLog.Lines.Add('received bytes ' + IntToStr(Length(S))); finally Data.Free; end; except on E : Exception do mmoLog.Lines.Add('Exception ' + E.Message); end; finally Logger.Free; SSLContext.Free; SslRest.Free; end; mmoLog.Lines.Add(''); mmoLog.Lines.Add('SSL library path ' + GLIBEAY_DLL_FileName); mmoLog.Lines.Add('SSL library version ' + IntToStr(ICS_OPENSSL_VERSION_NUMBER) + '/' + IntToHex(ICS_OPENSSL_VERSION_NUMBER,8)); end;
  4. HeikoG

    HTTPS problem

    Thanks a lot for you checking, I think over the weekend I'll install the latest ics version using OpenSSL 1.1.1 (8.57), and give that a try. I also switched my test program to the ICS REST component, but of course that did not fix the problem. Most other options i am aware of are not working either (Indy, Curl, Wget, CleverComponents, WinInet), only Wget2 works. I hope the website maintainers will fix things, but since that's a federal german website this may take a while. Thank you again, if I find out more I'll post it here so others with similar problems may find this info. Heiko
×