Hey there,
I recently updated our Delphi from 10.3.2 to 11.3. We are communicating as a TLS client with our hardware (TLS server) via TLS 1.2.
On Delphi 10.3.2 everything was working fine, but since the updated version, I get a "bad hello message" at the handshake of my server.
We are using the OpenSSL libraries and Indy:
- libeay32.dll
- ssleay32.dll

procedure myFoo;
var
  FIdTCPClient : TIdTCPClient;
  FIdSSLIOHandler : TIdSSLIOHandlerSocketOpenSSL;
begin
  FIdTCPClient := TIdTCPClient.Create;
  FIdTCPClient.Host := '10.10.10.10';
  FIdTCPClient.Port := 10007;
  FIdSSLIOHandler := TIdSSLIOHandlerSocketOpenSSL.Create;
  FIdSSLIOHandler.SSLOptions.Mode := sslmClient;
  FIdSSLIOHandler.SSLOptions.VerifyMode := [];
  FIdSSLIOHandler.SSLOptions.VerifyDepth := 0;
  FIdSSLIOHandler.SSLOptions.SSLVersions := [sslvTLSv1_2];
  FIdSSLIOHandler.SSLOptions.Method := sslvTLSv1_2;
  FIdTCPClient.IOHandler := FIdSSLIOHandler;
  FIdTCPClient.Connect;
  // send test data -> server says "bad hello message";
  // the test data works with Delphi 10.3.2, but not with Delphi 11.3
  FIdTCPclient.Send([0,1,2,3]);
end;

So I tried the "ICS" component and, in my opinion, did the same thing; I just extended the demo "...\icsv870\Samples\Delphi\SslInternet\OverbyteIcsSimpleSslCli.dproj".
With this component, the communication is working! So it seems like an issue with Indy.

procedure TForm1.Button1Click(Sender: TObject);
begin
  Sock.Addr := '10.10.10.10';
  Sock.Port := '10007';
  RecStream.Size := 0;
  Sock.SslEnable := TRUE;
  Sock.Connect; //-->
  Sock.TimeoutIdle := 60000;
  Sock.TimeoutConnect := 60000;
  Sock.StartSslHandshake; // connected with server
end;

procedure TForm1.Button2Click(Sender: TObject);
begin
  Sock.SendTB([0,1,2,3,4,5,6,7,8,9]); // this data was received by server
end;

Embarcadero support couldn't help me, because Indy isn't a component developed by them.
So is anybody else having issues with TLS 1.2 after updating?
Did I miss setting another parameter in Indy?
Thanks in advance.
By the way, I am using the libeay32.dll and ssleay32.dll with the timestamp 2019-12-21. I am not able to use the current DLLs which are recommended by Embarcadero:
https://docwiki.embarcadero.com/RADStudio/Sydney/de/OpenSSL
If I use them, I get an error ("Could not open SSL library"), which I found already there:
In the worst case, I have to switch to "ICS"; I try to avoid 3rd-party tools and significant changes to the TLS communication...
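
An added diagnostic example for the two symptoms described in this post (not the poster's code and not taken from Indy or Embarcadero): it reports which OpenSSL library Indy actually loaded, or what failed to load behind "Could not open SSL library", and logs the handshake states during Connect. It assumes the DLLs sit next to the executable; `TDiag` is a hypothetical helper class, and host and port are the ones from the post.

```delphi
program TlsDiag; // added example; TDiag is a hypothetical helper
{$APPTYPE CONSOLE}
uses
  System.SysUtils, IdTCPClient, IdSSLOpenSSL, IdSSLOpenSSLHeaders;

type
  TDiag = class
    procedure StatusInfo(const AMsg: string); // matches Indy's TCallbackEvent
  end;

procedure TDiag.StatusInfo(const AMsg: string);
begin
  Writeln('handshake: ', AMsg); // OpenSSL state messages during the handshake
end;

var
  Diag: TDiag;
  Client: TIdTCPClient;
  SSL: TIdSSLIOHandlerSocketOpenSSL;
begin
  // Assumption: DLLs are beside the EXE; pin the path so no stray copy on PATH is used.
  IdOpenSSLSetLibPath(ExtractFilePath(ParamStr(0)));
  if not LoadOpenSSLLibrary then
  begin
    // Names the DLL or the exported functions Indy could not resolve.
    Writeln('OpenSSL load failed: ', WhichFailedToLoad);
    Halt(1);
  end;
  Writeln('Loaded: ', OpenSSLVersion);

  Diag := TDiag.Create;
  Client := TIdTCPClient.Create(nil);
  try
    SSL := TIdSSLIOHandlerSocketOpenSSL.Create(Client);
    SSL.SSLOptions.Mode := sslmClient;
    SSL.SSLOptions.SSLVersions := [sslvTLSv1_2];
    // With PassThrough = True the socket carries plaintext; False runs the handshake at Connect.
    SSL.PassThrough := False;
    SSL.OnStatusInfo := Diag.StatusInfo;
    Client.IOHandler := SSL;
    Client.Host := '10.10.10.10';
    Client.Port := 10007;
    try
      Client.Connect;
      Writeln('TLS session established');
    except
      on E: Exception do Writeln(E.ClassName, ': ', E.Message);
    end;
  finally
    Client.Free;
    Diag.Free;
  end;
end.
```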