ROQUES Guillaume wrote: >> That's confusing description. Did he buy a SSL server certificate in >> order to access your server? Or are you talking about client >> certificates? > The customer already have a SSL certificate on his domain, so he want > that my HttpServer use SSL with this certificate.
Do you ask for how to get a ICS TSslHttpServer working with a bought server certificate? > >> Please provide more details about how you setup the component to >> use your the certificates. What HTTP client application is used? > Here is my initialization : >> interface >> [...] >> >> TMyService = class(TService) >> SslHttpServer: TSslHttpServer; >> TWSslAvlSessionCache: TSslAvlSessionCache; >> TWSslContext: TSslContext; >> [...] >> end; >> >> implementation >> [...] >> >> procedure TMyService.ServiceStart(Sender: TService; var Started: >> Boolean); begin >> [...] >> >> SslCertFile := APath + 'MyCertificate.pem'; >> SslPassPhrase := ''; >> SslPrivKeyFile := APath + 'MyCertificate.pem'; >> SslCAFile := APath + 'MyCertificate.pem'; >> SslCAPath := APath; >> SslVerifyPeer := False; >> >> // Pre-loads OpenSSL DLL's >> TWSslContext.InitContext; >> DoLog('OpenSslVersion : ' + OpenSslVersion); >> DoLog(OpenSslCompilerFlags + #13#10 + OpenSslBuiltOn >> + #13#10 + OpenSslPlatForm + #13#10 + OpenSslDir); >> SslHttpServer.Start; >> end; > Open the MyCertificate.pem in a text editor that understands UNIX line breaks. Does MyCertificate.pem include multiple certificates? With a bought commercial certificate there should be at least 2 certificates included in MyCertificate.pem. Make sure that the order of these certificates is correct. First has to be the server certificate followed by possible intermediate certificates followed by the root CA certificate. -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be