Jump to content

TLS v1.3

Recommended Posts

I need TLS v1.3 support in my Delphi 2007 application which uses Indy I found this solution:




Everything compiled fine, but I get the following run-time error: "error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed". I believe I need different DLLs. The version I was able to find is "openssl-1.1.1o-win32". Where can I get the DLLs that work with this above mentioned solution?


Or, maybe there is a built-in support of TLS v1.3 in Indy already?

Share this post

Link to post

Nop, that pull request is still pending, just read


"error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed"

The last part is the interessint part, it contains the error message. By default is certificate verification active.

You have two possibilites:

1.) Just ignore the verification and accept every certificate, even if it is a malicious from an attacker...

MyIOHandler.Options.VerifyCertificate := False;


2.) Let OpenSSL handle certificate verification

LMyIOHandler.Options.VerifyCertDirectory := 'C:\Path\To\Certificates';
LMyIOHandler.Options.CertFile := 'C:\Path\To\MyCertificates.pem';


3.) Implement the certificate verification on your own

procedure HandleMyCertificateVerification(Sender: TObject;
    const x509: TIdOpenSSLX509;
    const VerifyResult: Integer;
    const Depth: Integer;
    var Accepted: Boolean);
  Accepted := DoMyVerification(x509);

LMyIOHandler.Options.OnVerify := HandleMyCertificateVerification;


  • Thanks 1

Share this post

Link to post

Thank you very much Mezen! Turning off the certificate verification actually helped! It still needs testing but for now I can finally access websites via TLS v1.3 with Indy!

Share this post

Link to post
Posted (edited)

Hello Mezen. What do I do with this error message:


error:141E3152:SSL routines:final_renegotiate:unsafe legacy renegotiation disabled


I already tried setting AllowUnsafeLegacyRenegotiation to True. It doesn't help.

Edited by Maxxed

Share this post

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now