madam mar
asked on
idtcpserver and idtcpclient encryption using ssl
Note i don't have certificate in hand right now
after i search on google on how to use SSL with idtcpserver i found a few details , that i have to drop TIdServerIOHandlerSSLOpenS SL on the server form and assign its property as needed as example
sense i have no certificate in hands right now i have to use it without certificate until i get one . currently i only care about encryption .
also i don't feel that is right to drop IdServerIOHandlerSSLOpenSS L and use it for all connected clients . should i create ssl to each client connected on connect event ?
i really dont understand how to assign ssl properly to each connected client .
after i search on google on how to use SSL with idtcpserver i found a few details , that i have to drop TIdServerIOHandlerSSLOpenS
IdServerIOHandlerSSLOpenSSL.SSLOptions.KeyFile:= ....;
IdServerIOHandlerSSLOpenSSL.SSLOptions.CertFile:= ....;
IdServerIOHandlerSSLOpenSSL.SSLOptions.RootCertFile:= ....;
sense i have no certificate in hands right now i have to use it without certificate until i get one . currently i only care about encryption .
also i don't feel that is right to drop IdServerIOHandlerSSLOpenSS
i really dont understand how to assign ssl properly to each connected client .
ASKER
i see this example but i dont have ssl certificate in hand can i use it without certificate can you show me how ?
Simply, don't set ssl property .... If you look closely - in example folder is sample certificate (3 files)....
Run example ....
Run example ....
ASKER
i did that but the client unable to connect to the server
With a reason? (error code)
ASKER
-------------------------- -
Debugger Exception Notification
-------------------------- -
Project sslClient10.exe raised exception class EIdOSSLUnderlyingCryptoErr or with message 'Error connecting with SSL.
error:14094410:SSL routines:SSL3_READ_BYTES:s slv3 alert handshake failure'.
-------------------------- -
Break Continue Help
-------------------------- -
Debugger Exception Notification
--------------------------
Project sslClient10.exe raised exception class EIdOSSLUnderlyingCryptoErr
error:14094410:SSL routines:SSL3_READ_BYTES:s
--------------------------
Break Continue Help
--------------------------
please check in IE under Security if you have enabled SSLx.x, TLSx.x - which you use ...
examples use: SSLOptions.Method = sslvTLSv1
examples use: SSLOptions.Method = sslvTLSv1
ASKER
its already set to sslvTLSv1 i checked the security tab over ie there is no SSL property at all
There is .... under Internet options/Advanced tab - at bottom - there are Use SSL 2.0, ...
Put all checks for a start...
Put all checks for a start...
ASKER
i checked them all still cannot read from the client
... same error? do you run client on same machine as server is?
ASKER
yes both on same machine on windows 8.1
Set properties for both server and client:
IdSSLIOHandlerSocketOpenSS L1.SSLOpti ons.Method := sslvTLSv1_2;
IdSSLIOHandlerSocketOpenSS L1.SSLOpti ons.SSLVer sions := [sslvTLSv1_2];
IdSSLIOHandlerSocketOpenSS
IdSSLIOHandlerSocketOpenSS
ASKER
same doesn't read without certificate
?? do you run example or your app?
Example works for me on win 7 + appropriate libeay32.dll, ssleay32.dll in app folder....
Example works for me on win 7 + appropriate libeay32.dll, ssleay32.dll in app folder....
ASKER
i dont know maybe the way i set up the onconnect event ?
procedure Tform1.TcpServerConnect(AContext: TIdContext);
var
Connection: Tclient;
begin
Connection := AContext as Tclient;
.... what to do here?
end;
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
There are sample certificates included too... So you can test properly ...
Server side requires only one instance of a key (ssl component) - because server have own certificate - but clients might have own (different)....