Jump to content
Alberto Miola

Correct open SSL library

Recommended Posts

I have a java back-end that is on https and this is the Delphi code:


 

procedure TBaseHTTPRequest.DoRequest(OnCompleted: TCompletedHandler;
                                     OnError: TErrorHandler);
begin
  TTask.Run(
    procedure
    var
      FIdHTTP: TIdHTTP;
      FIdSSL: TIdSSLIOHandlerSocketOpenSSL;
      exc: TObject;
      json: string;
    begin
      FIdHTTP := TIdHTTP.Create(nil);
      try
        FIdSSL := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
        try
          try
            //1. Setup the IdHTTP object
            SetupConnection(FIdHTTP, FIdSSL);

            //2. JSON response from the server
            json := ExecuteRequest(FIdHTTP);

            //3. Synchronize with the main thread
            TThread.Synchronize(nil,
                  procedure
                  begin
                    OnCompleted(json);
                    FSelf := nil;
                  end
            );
          except
            on E: Exception do
              begin
                //Capure the exception object
                exc := AcquireExceptionObject;

                //Synchronize with the main thread
                TThread.Synchronize(nil,
                  procedure
                  begin
                    OnError((exc as Exception).Message);
                    FSelf := nil;
                  end
                );
              end;
          end;
        finally
          FIdSSL.Free;
        end;
      finally
        FIdHTTP.Free;
      end;
    end
  );
end;

Indy is able to make POST requests because in this method I assing the SSL handler

 

procedure TBaseHTTPRequest.SetupConnection(FIdHTTP: TIdHTTP; FIdSSL: TIdSSLIOHandlerSocketOpenSSL);
begin
  with FIdHTTP do
    begin
      //API key needed to access the website
      Request.CustomHeaders.AddValue('ApiKey', API_KEY);

      //Set the Content-Type
      Request.CustomHeaders.AddValue('Content-Type', 'application/x-www-form-urlencoded');

      //Connection timeout
      ReadTimeout := 2000;

	  //SSL Handler
      IOHandler := FIdSSL;
    end;
end;

As you can see the the FIdSSL object is only created, I do not set any property (everything is default but I guess that it's correct, isn't it?). My project has the following files:

 

  1. mvm_gestionale.exe
  2. libeay32.dll
  3. ssleay32.dll

 

Thanks to the DLLs I can connect to the https endpoint. I have downloaded the dll from https://indy.fulgan.com/SSL/ but actually I have picked a random one!

I am using openssl-1.0.2t-i386-win32.zip but does it make any difference if I use any other zip? If so, do I have to change the code?

 

They are openssl-1.0.2r, openssl-1.0.2s, openssl-1.0.2t but I'm not able to figure out if I'm doing things in the proper way

Share this post


Link to post

What is the actual problem you are experiencing?  You did not provide any details whatsoever about that.  Are you getting an error?  Corrupted data?  Which version of Indy are you using?  How is the Java server configured?  Which SSL/TLS version(s) does it expect?  Please be more specific.

 

With the code you have shown so far, the SSLIOHandler uses only TLS 1.0 by default.  Does the server support TLS 1.0?  Many servers nowadays no longer support TLS 1.0 and earlier, they expect TLS 1.1 or 1.2 at a minimum.  You can enable TLS 1.1 and 1.2 in the SSLIOHandler's SSLOptions.SSLVersions property (only sslvTLSv1 is enabled by default).

Edited by Remy Lebeau

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×