ROQUES Guillaume wrote:
>> That's confusing description. Did he buy a SSL server certificate in
>> order to access your server? Or are you talking about client
>> certificates?
> The customer already have a SSL certificate on his domain, so he want
> that my HttpServer use SSL with this certificate.
Do you ask for how to get a ICS TSslHttpServer working with a bought
server certificate?
>
>> Please provide more details about how you setup the component to
>> use your the certificates. What HTTP client application is used?
> Here is my initialization :
>> interface
>> [...]
>>
>> TMyService = class(TService)
>> SslHttpServer: TSslHttpServer;
>> TWSslAvlSessionCache: TSslAvlSessionCache;
>> TWSslContext: TSslContext;
>> [...]
>> end;
>>
>> implementation
>> [...]
>>
>> procedure TMyService.ServiceStart(Sender: TService; var Started:
>> Boolean); begin
>> [...]
>>
>> SslCertFile := APath + 'MyCertificate.pem';
>> SslPassPhrase := '';
>> SslPrivKeyFile := APath + 'MyCertificate.pem';
>> SslCAFile := APath + 'MyCertificate.pem';
>> SslCAPath := APath;
>> SslVerifyPeer := False;
>>
>> // Pre-loads OpenSSL DLL's
>> TWSslContext.InitContext;
>> DoLog('OpenSslVersion : ' + OpenSslVersion);
>> DoLog(OpenSslCompilerFlags + #13#10 + OpenSslBuiltOn
>> + #13#10 + OpenSslPlatForm + #13#10 + OpenSslDir);
>> SslHttpServer.Start;
>> end;
>
Open the MyCertificate.pem in a text editor that understands UNIX line
breaks. Does MyCertificate.pem include multiple certificates?
With a bought commercial certificate there should be at least 2 certificates
included in MyCertificate.pem.
Make sure that the order of these certificates is correct.
First has to be the server certificate followed by possible intermediate
certificates followed by the root CA certificate.
--
Arno Garrels
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
