Jump to content

Search the Community

Showing results for tags 'ssl'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Delphi Questions and Answers
    • Algorithms, Data Structures and Class Design
    • VCL
    • FMX
    • RTL and Delphi Object Pascal
    • Databases
    • Network, Cloud and Web
    • Windows API
    • Cross-platform
    • Delphi IDE and APIs
    • General Help
    • Delphi Third-Party
  • C++Builder Questions and Answers
    • General Help
  • General Discussions
    • Embarcadero Lounge
    • Tips / Blogs / Tutorials / Videos
    • Job Opportunities / Coder for Hire
    • I made this
  • Software Development
    • Project Planning and -Management
    • Software Testing and Quality Assurance
  • Community
    • Community Management

Calendars

  • Community Calendar

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Delphi-Version

Found 9 results

  1. OverbyteIcsLIBEAY.pas Version: 8.70 Function IcsX509VerifyErrorToStr function string: Result := String(AnsiString(X509_verify_cert_error_string(ErrCode))); If OpenSSL is not loaded, then IcsX509VerifyErrorToStr fails with an exception: ClassName: EAccessViolation. Message: Access violation at address 00000000. Read of address 00000000
  2. I am trying to connect with web-browser to Indy HTTP server runing on https://127.0.0.1:4567. I have read many tutorials and some of them are interesting, like: 1. https://mikejustin.wordpress.com/2019/06/14/how-to-lets-encrypt-certificates-with-indy-http-server/ 2. https://synaptica.info/en/2016/09/21/build-your-own-https-server-with-delphi/ I have created self signed certificates with help of this example tutorial: https://github.com/glenkleidon/DelphiCertAuth As a passphrase for testing I used "123456". After that I have installed newly generated file root_cert.crt in Trusted Root CA in Windows (using "WinKey+R" and certmgr.msc) In my code I have set: ... // create IOHandler for OpenSSL IdServerIOHandlerSSLOpenSSL1.SSLOptions.CertFile := 'mycomputerCertificate.pem'; IdServerIOHandlerSSLOpenSSL1.SSLOptions.KeyFile := 'mycomputerPrivateKey.pem'; IdServerIOHandlerSSLOpenSSL1.SSLOptions.RootCertFile := 'certificateAuthorityCertificate.pem'; IdServerIOHandlerSSLOpenSSL1.SSLOptions.Mode := sslmServer; IdServerIOHandlerSSLOpenSSL1.SSLOptions.SSLVersions := [sslvTLSv1, sslvTLSv1_1, sslvTLSv1_2]; ... procedure TForm1.IdServerIOHandlerSSLOpenSSL1GetPassword(var Password: string); begin Password := '123456'; end; ... procedure TForm1.IdHTTPServer1QuerySSLPort(APort: Word; var VUseSSL: Boolean); // This will not be called when the request is a HTTPS request // It facilitates the use of the server for testing via HTTP://localhost:8080 (i.e. without SSL) begin VUseSSL := (APort <> 8080); end; ... function TForm1.IdServerIOHandlerSSLOpenSSL1VerifyPeer(Certificate: TIdX509; AOk: Boolean; ADepth, AError: Integer): Boolean; begin if ADepth = 0 then Result := AOk else Result := True; end; ... Unfortunately, when I try to connect to https://127.0.0.1:4567 I get an warning (check image). In application I can see messages and exception raised: IdServerIOHandlerSSLOpenSSL1StatusInfo(const AMsg: string); AMsg := SSL status: "before/accept initialization"; AMsg := SSL status: "before/accept initialization"; AMsg := SSL status: "SSLv3 read client hello A"; AMsg := SSL status: "SSLv3 write server hello A"; AMsg := SSL status: "SSLv3 write certificate A"; AMsg := SSL status: "SSLv3 write server done A"; AMsg := SSL status: "SSLv3 flush data"; AMsg := SSL status: "SSLv3 read client certificate A"; AMsg := SSL status: "SSLv3 read client key exchange A"; AMsg := SSL status: "error"; 127.0.0.1:55810 Stat Disconnected. IdHTTPServer1Exception(AContext: TIdContext; AException: Exception); EIdOSSLUnderlyingCryptoError: Error accepting connection with SSL. error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown Am I doing something wrong or I am missing something? Why I can't connect to IP address without warning?
  3. On Server Side I have been successfully using TSslFtpServer (Delphi Seattle) with IcsHosts for SSL From Client Side I PUT a File , Check Size after Copy & Finally Rename the File. All this has worked fine for years. My Server Side Exe was 32 Bit. Now I want to make it 64Bit Exe. From Client side Copy takes place , Size checking takes place but Rename does not happen. I get the error 450 File '/c:/Sample/Abc.txt' can't be renamed 64 Bit works fine without SSL
  4. Dear All, I'm not versed in HTTP a SSL, so excuse-me if I make any confusion. A FMX project I'm working on demands GET, POST, FTP and email receiving and parsing capabilities. I started with a simple GET do a HTTPS server, so I dropped a TIdHTTP and a TIdSSLIOHandlerSocketOpenSSL components in a bare form and configured as follows: IdHTTP1.Request.ContentType := 'application/x-www-form-urlencoded'; IdHTTP1.IOHandler := IdSSLIOHandler; IdSSLIOHandler1.SSLOptions.SSLVersions := [sslvTLSv1, sslvTLSv1_1, sslvTLSv1_2]; IdSSLIOHandler1.SSLOptions.SSLMode apparently has no impact and then called IdHTTP1.Get(<https url>); In the application executable folder there are 3 files: libeay32.dll, ssleay32.dll and the application executable. The GET method raises an exception EIdHTTPProtocolException with the message 'HTTP/1.1 403 Forbidden', so I think I'm missing something very basic because the <https url> works in the browser, I just could't figure it out what that would be by going through both component's properties. Can you help me? Also, a long time ago I needed to use Indy in a project, and there were paid support available. Is there nowadays? As I said before, this line of work is not my strong suit and I don't want to be the PITA I'll probably be - I think I'll have many more questions. Best regards & TIA Carlos
  5. I am using ICS TSslFTPServer (FtpSslType=ftpAuthTls,ftpAuthSsl) and TSslWSocketServer (SslEnable=True) on my Server side application along with TSslContext wherein I am pointing to SslPrivKeyFile and SslCertFile to your sample 01key.pem and 01cert.pem respectively. My Client Application connects and all is well. problem-1) If I try to change the certificates to another of your provided examples or If I build with OpenSSL it gives error 'Can't read certificate file ... error:0909006C:PEM routines:get_name:no start line' problem-2) Using SSL I lose compatibility with WinXP and probably with Vista too. Is there a workaround ? (Angus has suggested me to use the IcsHosts property instead of SslContext but I will need to do more work to get it working for me, hope I am using above mentioned components properly to begin with SSL) (How I generated my own PEM files openssl genpkey -aes256 -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out 01key.pem openssl pkey -in 01key.pem -out 01cert.pem -pubout)
  6. I am using TSslFtpServer , TSslWSocketServer along with TSSLContext component successfully when using the SslCAFile , SslCertFile and SslPrivateKeyFile properties to point to files on the Hard Disk. I noticed there are matching SslCALines , SslCertLines and SslPrivateKeyLines . I filled these properties with text from the corresponding files but it did not work. I am asking this because I would prefer not to expose the Certificate files.
  7. AllanF

    Some assistance on SSL required

    Hi, I am using ICS TFTPServer and TWSocketServer on my Server side application (Delphi Seattle). I want to use SSL to secure the connections. This question is more related to SSL rather than ICS. I have read on SSL and checked the Demo programs too. I yet need some clarity. Mine is a backup application and will be sending critical data over the WAN. If I generate my own certificates via OpenSSL where do I keep the PEM files for the ICS Server components to access ? Should I generate a different PEM file per customer upon installation or can I supply a common one ? I files are large can I have only password exchanged secretly and data without encryption (My data is already compressed with AES ) ? Regards Allan (Thanks for all the new features in ICS)
  8. Can someone help me? We are having a bug (access violation) with SSL (HTTPS support) only in 64bits. My current Overbyte ICS version is 8.63. The bug is attached image. {* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *} { V8.57 convert wire-format concactanted length prefixed strings to TStrings } function IcsWireFmtToStrList(Buffer: TBytes; Len: Integer; SList: TStrings): Integer; var offset, mylen: integer; AStr: AnsiString; begin Result := 0; if NOT Assigned(SList) then Exit; SList.Clear; offset := 0; while offset < Len do begin mylen := Buffer[offset]; if mylen = 0 then Exit; // illegal offset := offset + 1; SetLength(AStr, mylen); Move(Buffer[offset], AStr[1], mylen); SList.Add(String(AStr)); offset := offset + mylen; end; Result := Slist.Count; end;
  9. Hi, I use TSslFtpClient component for connecting to a server via SSL (TSL connections), and also TSslContext and TSslAvlSessionCache. I can connect and trasfer some file, but after a while (7/8 seconds, and about 145 files) the session (not the connection) closes, so I close also the connection and restart it. I would know if is it possible avoid expire the session and do a reconnect to the server. I have to transfer also thousands of file at a time Thanks in advance PS: if I try to copy many file with the OverbyteIcsXferTst1 example, that use TIcsFtpMulti, It give me "FTP Session Closed - Connection reset by peer (#10054)" after only having transferred 45 files
×