After finishing and testing the configuration to have TLS 1.2 on TIdFTPServer, I was asked to add OpenSSL and TLS 1.2 to the API server as well (based on TIdTCPServer TCP/IP communication).
Unfortunately, when I set Active to True and IdSSLOpenSSL.InitContext is called, the CipherList settings step always returns error = 1, and I don't understand what I am doing wrong:
    if StatusInfoOn then begin
      SSL_CTX_set_info_callback(fContext, InfoCallback);
    end;
    //if_SSL_CTX_set_tmp_rsa_callback(hSSLContext, @RSACallback);
    if fCipherList <> '' then begin {Do not Localize}
      error := SSL_CTX_set_cipher_list(fContext,
        {$IFDEF USE_MARSHALLED_PTRS}
        M.AsAnsi(fCipherList).ToPointer
        {$ELSE}
        PAnsiChar(
          {$IFDEF STRING_IS_ANSI}
          fCipherList
          {$ELSE}
          AnsiString(fCipherList) // explicit cast to Ansi
          {$ENDIF}
        )
        {$ENDIF}
      );
    end else begin
      // RLebeau: don't override OpenSSL's default. As OpenSSL evolves, the
      // SSL_DEFAULT_CIPHER_LIST constant defined in the C/C++ SDK may change,
      // while Indy's define of it might take some time to catch up. We don't
      // want users using an older default with newer DLLs...
      (*
      error := SSL_CTX_set_cipher_list(fContext,
        {$IFDEF USE_MARSHALLED_PTRS}
        M.AsAnsi(SSL_DEFAULT_CIPHER_LIST).ToPointer
        {$ELSE}
        SSL_DEFAULT_CIPHER_LIST
        {$ENDIF}
      );
      *)
      error := 1;
    end;
Server code:
https://pastebin.com/z82zhGyQ
I am using the latest Indy sources from the git repository.
I thank you in advance for any suggestions.
Best Regards
Silverio