Hi Ross I am using the 32bit 1.0.2p as listed. I was using an older version but upgraded to make sure that wasn't the issue. I am sure it's just an Indy setting I have missed but not sure what :)
Cheers Rob On 25/10/2018 5:18 PM, Ross Levis wrote: >> I have the latest version if the open ssl dlls in with the app. > This could be the issue. Indy only supports OpenSSL v1.0.x, not 1.1.x. Also > ensure you are using the Win32 DLLs if you are compiling your app with the > 32-bit compiler. > > 32-bit > https://slproweb.com/download/Win32OpenSSL_Light-1_0_2p.exe > > 64-bit > https://slproweb.com/download/Win64OpenSSL_Light-1_0_2p.exe > > Ross. > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Robert Martin > Sent: Thursday, 25 October 2018 4:47 p.m. > To: NZ Borland Developers Group - Delphi List > Subject: [DUG] Indy 10 SSL issue with TidHttpServer > > Hi All > > I am having trouble setting up an HttpServer with SSL support. > Everything works great for non Http but I just added SSL support and cannot > get clients to access using SSL. > > My code below > > fIdHTTPServer := TIdHTTPServer.Create(nil); > > fIdHTTPServer.Active := False; > fIdHTTPServer.DefaultPort := fSettings.PortNumber; > > with fIdHTTPServer.Bindings.Add do begin > IP := '127.0.0.1'; > Port := fSettings.PortNumber; > end; > > fIdHTTPServer.AutoStartSession := True; > fIdHTTPServer.ListenQueue := 100; > fIdHTTPServer.MaximumHeaderLineCount := 2048; > fIdHTTPServer.ServerSoftware := 'TestHTTPServer/' + > SYS_VERSION; > fIdHTTPServer.SessionState := True; > fIdHTTPServer.SessionTimeOut := SYS_SESSION_TIMEOUT_SEC > * 1000; > > //Setup for SSL > SetDllDirectory(PWideChar(ExtractFilePath(ParamStr(0)))); //This call > disables SafeDllSearchMode which means the apps directory isn't searched > first. Might fix issues with multiple different ssl dlls on some installs > > fIdHTTPServer.OnQuerySSLPort := OnQuerySSLPort; > > > > fSSLHandler := TIdServerIOHandlerSSLOpenSSL.Create(nil); > fSSLHandler.SSLOptions.SSLVersions := [sslvSSLv3, sslvSSLv2, > sslvTLSv1]; > fSSLHandler.SSLOptions.Mode := sslmServer; > fSSLHandler.SSLOptions.VerifyMode := [sslvrfPeer, sslvrfClientOnce]; > fSSLHandler.SSLOptions.VerifyDepth := 10; > fIdHTTPServer.IOHandler := fSSLHandler; > > > and > > procedure TCWFA_Server.OnQuerySSLPort(APort: TIdPort; var VUseSSL: Boolean); > begin > //Force SSL for all connections > VUseSSL := True; > end; > > > The idea here is I only want to allow SSL connections. When vUseSSL = > true my idHttpClient app fails, tring to connect from a browser returns > > 'An error occurred during a connection to localhost:52123. Cannot > communicate securely with peer: no common encryption algorithm(s). Error > code: SSL_ERROR_NO_CYPHER_OVERLAP ' > > I have tried every ssl version combination I can think of and the > VerifyMode / VerifyDepth settings seem to make no difference. I have > the latest version if the open ssl dlls in with the app. Setting vUseSSL > := False allows connection unless I try and force ssl from the browser > end. by adding https:// to the call. > > Any suggestions ? > > > > Cheers > Rob > > > > _______________________________________________ > NZ Borland Developers Group - Delphi mailing list > Post: [email protected] > Admin: http://delphi.org.nz/mailman/listinfo/delphi > Unsubscribe: send an email to [email protected] with > Subject: unsubscribe > _______________________________________________ NZ Borland Developers Group - Delphi mailing list Post: [email protected] Admin: http://delphi.org.nz/mailman/listinfo/delphi Unsubscribe: send an email to [email protected] with Subject: unsubscribe
