Re: [twsocket] HTTPS problem
Hi Arno, I did copy Openssl v0.9.8x from the wiki. First I got 'unsupported ssl version', but this VM still uses ICS version 5.x. So I download ICS version 7.x and copied the vc32 directory to a new search path, changed the filenames to 'OverbyteIcsxxx' and all is working now ;-) I also got information from Belgacom. The day it stopped working they upgraded there reverse proxy to a newer version, so there was maybe some conflict between SSL versions. This is a test application, now I will do same changes in the production application. I hope there will no conflicts because it is very large and contains a lot of server and clients using ICS version 5.x. However there is only 1 unit (this one) using SSL so I assume there will be no problem. Thanks again for the help! -- mvg, Wilfried http://www.mestdagh.biz http://www.comfortsoftware.be http://www.expertsoftware.be -Oorspronkelijk bericht- Van: twsocket-boun...@elists.org [mailto:twsocket-boun...@elists.org] Namens Arno Garrels Verzonden: vrijdag 8 februari 2013 17:53 Aan: ICS support mailing Onderwerp: Re: [twsocket] HTTPS problem Wilfried Mestdagh wrote: It is an old application written in Delphi 7. No problem since both ICSv7 and ICSv8 still support Delphi 7. -- Arno -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] HTTPS problem
Hello Arno,
Ok I will try with latest version. This is at the moment not the case. It is
an old application written in Delphi 7. Normally I don't update components
at the time there are a lot of commercial applications because I cannot test
them all.
But I have Delphi XE on another VM and will try with latest version first.
I have news hewever from Belgacom. But they know nothing about SSL. The only
thing they see is that my request gets to there reverse proxy witch
generates a 403 error. But I don't get a 403. According to them there should
be something wrong with my SSL but they don't know what.
I will first try again with latest version and then I come back here.
--
mvg, Wilfried
http://www.mestdagh.biz
http://www.comfortsoftware.be
http://www.expertsoftware.be
-Oorspronkelijk bericht-
Van: twsocket-boun...@elists.org [mailto:twsocket-boun...@elists.org]
Namens Arno Garrels
Verzonden: woensdag 6 februari 2013 18:47
Aan: ICS support mailing
Onderwerp: Re: [twsocket] HTTPS problem
Arno Garrels wrote:
If you send that file to me as PM
I'll take a look at it when
I have some minutes,
Hello Wilfried,
Received your log thanks, it looks strange!
When I try to Post some nonsense data to your URL it
works as expected (404 return). Strange is that the server seems
to initiate a SSL/TLS renegotiation so there are two
OnSslHandshakeDone events for me.
The first handshake in _your log succeeds however the second fails:
{code}
- 15:13:48:793 ICB SSL3 alert read fatal handshake failure
- 15:13:48:803 00A94398 BIO_read(sslbio, 0x1, 0) = 0 [186]
- 15:13:48:803 00A94398 1812 [187] error:14094410:SSL
routines:SSL3_READ_BYTES:sslv3 alert handshake failure
{code}
Maybe a newer OpenSSL libraries will help since some older versions
did not support renegotiation due to some security issue that was
fixed in newer versions. In my test above I used Openssl v0.9.8x
32-bits from: http://wiki.overbyte.be/wiki/index.php/ICS_Download
with latest ICSv8, latest ICSv7 should make no difference in this
regard.
--
Arno
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
Re: [twsocket] HTTPS problem
Ik ga dus eerst proberen in Delphi XE met latest version.
-Oorspronkelijk bericht-
Van: twsocket-boun...@elists.org [mailto:twsocket-boun...@elists.org]
Namens Arno Garrels
Verzonden: woensdag 6 februari 2013 18:47
Aan: ICS support mailing
Onderwerp: Re: [twsocket] HTTPS problem
Arno Garrels wrote:
If you send that file to me as PM
I'll take a look at it when
I have some minutes,
Hello Wilfried,
Received your log thanks, it looks strange!
When I try to Post some nonsense data to your URL it
works as expected (404 return). Strange is that the server seems
to initiate a SSL/TLS renegotiation so there are two
OnSslHandshakeDone events for me.
The first handshake in _your log succeeds however the second fails:
{code}
- 15:13:48:793 ICB SSL3 alert read fatal handshake failure
- 15:13:48:803 00A94398 BIO_read(sslbio, 0x1, 0) = 0 [186]
- 15:13:48:803 00A94398 1812 [187] error:14094410:SSL
routines:SSL3_READ_BYTES:sslv3 alert handshake failure
{code}
Maybe a newer OpenSSL libraries will help since some older versions
did not support renegotiation due to some security issue that was
fixed in newer versions. In my test above I used Openssl v0.9.8x
32-bits from: http://wiki.overbyte.be/wiki/index.php/ICS_Download
with latest ICSv8, latest ICSv7 should make no difference in this
regard.
--
Arno
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
Re: [twsocket] HTTPS problem
Wilfried Mestdagh wrote: It is an old application written in Delphi 7. No problem since both ICSv7 and ICSv8 still support Delphi 7. -- Arno -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] HTTPS problem
Arno Garrels wrote:
If you send that file to me as PM
I'll take a look at it when
I have some minutes,
Hello Wilfried,
Received your log thanks, it looks strange!
When I try to Post some nonsense data to your URL it
works as expected (404 return). Strange is that the server seems
to initiate a SSL/TLS renegotiation so there are two
OnSslHandshakeDone events for me.
The first handshake in _your log succeeds however the second fails:
{code}
- 15:13:48:793 ICB SSL3 alert read fatal handshake failure
- 15:13:48:803 00A94398 BIO_read(sslbio, 0x1, 0) = 0 [186]
- 15:13:48:803 00A94398 1812 [187] error:14094410:SSL
routines:SSL3_READ_BYTES:sslv3 alert handshake failure
{code}
Maybe a newer OpenSSL libraries will help since some older versions
did not support renegotiation due to some security issue that was
fixed in newer versions. In my test above I used Openssl v0.9.8x
32-bits from: http://wiki.overbyte.be/wiki/index.php/ICS_Download
with latest ICSv8, latest ICSv7 should make no difference in this
regard.
--
Arno
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
[twsocket] HTTPS problem
Hello,
I have a application with THttpCli posting data to a server in HTTPS.
Normally I have to get back a little data and a statuscode 201. Certainly it
won't work anymore. Here is nothing changed (only the internet provider and
a faster VDSL line) and provider say it is still working when they test
locally.
I set IcsLogger, but I'm not sure what I should conclude from this log. I'm
not HTTPS experience :( Can someone say what possible go wrong seeing this
log?
// This is log from my application, Url and data
5/02/2013 11:44:31 URL:
https://api.beopen.belgacom.be/SendSmsService/OneAPI_RES
T_v2_0/ui_smpp0/2_0/smsmessaging/outbound/32473803180/requests
Data:
{outboundSMSMessageRequest:{address:[tel:+32477639544],outboundSMST
extMessage:{message:This is a
testmessage},senderAddress:32473803180,r
eceiptRequest:{notifyURL:http:\/\/10.124.13.140:10101\/MockRestService\/
rest
},clientCorrelator:1}}
// This is log from IcsLogger
- State = httpNotConnected
- Login api.beopen.belgacom.be
- State = httpDnsLookup
- State = httpDnsLookupDone
- connect to 195.13.15.43/443
- SessionConnected
- State = httpConnected
5/02/2013 11:44:31 Session connected
- State = httpWaitingHeader
- 6 header lines to send
POST
/SendSmsService/OneAPI_REST_v2_0/ui_smpp0/2_0/smsmessaging/outbound/3247380
3180/requests HTTP/1.0
Accept: application/json
Content-Type: application/json;charset=UTF-8
User-Agent: Mozilla/4.0 (compatible; ICS)
Host: api.beopen.belgacom.be:443
Content-Length: 261
- SendRequest Done
- SessionClosed Error: 0
5/02/2013 11:44:31 Session closed
- State = httpReady
- PrepareNTLMAuth end, FStatusCode = 0 FProxyAuthNTLMState=0
FAuthNTLMState=0
- PrepareNTLMAuth end, FStatusCode = 0 FProxyAuthNTLMState=0
FAuthNTLMState=0
- RequestDone
// Again log from my application
5/02/2013 11:44:31 RequestDone, Error: 0, Statuscode: 0
--
mvg, Wilfried
http://www.mestdagh.biz
http://www.comfortsoftware.be
http://www.expertsoftware.be
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
Re: [twsocket] HTTPS problem
Wilfried Mestdagh wrote: I set IcsLogger, but I'm not sure what I should conclude from this log. I'm not HTTPS experience :( Can someone say what possible go wrong seeing this log? From what you posted in your previous mail there's no SSL stuff included in the log, check your IcsLogger LogOptions. Best results when you include every LogOption except just one of the loDest.. opts, choose loDestFile and LogFileOption = lfoOverwrite. That's the fastest way to get it all logged. If you send that file to me as PM I'll take a look at it when I have some minutes, either today or tomorrow evening. -- Arno -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
