Sid D

Couldn't find one for Delphi.

No, haven't been actively looking lately. Had to create it manually.

Is there any tool available to create a SBOM for a Delphi Application or DLL? Thanks Sid

I just hid the name here. It is a proper name in the subject otherwise. The Certificate is issued by GoDaddy and works fine with IIS. Looks like something to do with TIdServerIOHandlerSSLOpenSSL component? Thanks

Hi Remy, I have one other question. CertFile, KeyFile and RootCertFile (intermediate certificate) are assigned to the TIdServerIOHandlerSSLOpenSSL component. We are running a PCI Scan on the Server and getting the following errors : Informative Details: depth=0 CN = *.XXXXX.com verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 CN = *.XXXXX.com verify error:num=27:certificate not trusted verify return:1 depth=0 CN = *.XXXXX.com verify error:num=21:unable to verify the first certificate verify return:1 Serial: 3189977664522596489 (0x2c4513c8df4cb089) What could be the reason for these errors? Thanks Sid

It is resolved. It was not locating the file in the Service folder. The resolution was to get the complete folder name at run time (Service start) where this PEM file resides and assign it to the RootCert property. Thanks

Hi, I am getting the following error for TIdServerIOHandlerSSLOpenSSL when starting the Windows Service. Running the app as stand-alone server does not throw the error. The error is thrown only when starting this Windows Service. Could not load root certificate. error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib The Delphi version used is Delphi 10.1 update 1 and Indy version is 10.6.2.5341. The root file is in pem format. What can be the reason here? Thanks Sid

Hi - I am getting the following error for TIdServerIOHandlerSSLOpenSSL when starting the Windows Service. Running the app as stand-alone server does not throw the error. The error is thrown only when starting this Windows Service. Could not load root certificate. error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib The Delphi version used is Delphi 10.1 update 1 and Indy version is 10.6.2.5341. The root file is in pem format. What can be the reason here? Thanks Sid

Hi Remy - I have one other question. In the 'OnConnect' event of TIdTCPServer, is it possible to figure out from the incoming data if the handshake requested is on TLS or plain text? I was wondering if it is possible, then PassThrough = True/False can be set based on that and there will be no need to use the second port. If possible, can you please provide an example? Thanks!

Upon further testing with the following versions: The error is thrown in the following combination: Delphi 10.3 Update 3 and Indy version 10.6.2.5366 It works fine with the following versions: Delphi 10.1 Berlin Update 1 and Indy Version 10.6.2.5341 So, definitely something wrong or bug in Delphi 10.3.3 or Indy version 10.6.2.5366.

Indy version is 10.6.2.5366. I checked on the Server side, PassThrough is True by default.

Hi Remy, If there is no TIdSSLIOHandlerSocketOpenSSL component assigned on the TIdTCPClient side, setting the PassThrough property to True on the Server side (per you explained above) throws the following error: First chance exception at $76A6C3A2. Exception class EIdOSSLUnderlyingCryptoError with message 'Error accepting connection with SSL. error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number'. What can be the reason? Thanks!

Hi Remy, If there is no TIdSSLIOHandlerSocketOpenSSL component assigned on the TIdTCPClient side, setting the PassThrough property to True on the Server side (per you explained above) throws the following error: First chance exception at $76A6C3A2. Exception class EIdOSSLUnderlyingCryptoError with message 'Error accepting connection with SSL. error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number'. What can be the reason? Thanks!

Hi, I’ve a question about TIdTCPServer and TIdTCPClient. Can the same TIdTCPServer with SSL/TLS (implemented using TIdServerIOHandlerSSLOpenSSL) support both SSL and non-SSL TIdTCPClients. By non-SSL TIdTCPClient, I mean that do not support SSL/TLS and do not use TIdSSLIOHandlerSocketOpenSSL component. This is for backwards compatibility. I'm using Delphi 10.3 and 10.1. Thanks!