Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Low
  • Security: Public
  • Views: 116
  • Last Modified:

Delphi Indy 10 + TLS 1.2

Hello!

I have a problem, when I1m trying to get a https image from a web site. The page uses TLS 1.2, so I use OpenSSL and it works for all the text I want to get from the page. When it comes to the picture, then I get the "underlying crypto error, error connecting with ssl, error 1409442E: SSL routines:SSL3_READ_BYTES:tlsv1 alert protocol version.

Does anyone have any idei what is causing this? I've tryed more SSL/TLS versions, but none of them worked. I use the latest dlls.

Thanks for any help in advance!
0
David Toth
Asked:
David Toth
  • 3
1 Solution
 
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
The message...

1409442E: SSL routines:SSL3_READ_BYTES:tlsv1

Open in new window


suggests you're allowing the SSL3 protocol which has been deprecated for years, as it can be cracked far to easily.

Run your site through the SSLLabs Tester + you'll see exactly what you must fix.

You're target report will resemble https://www.ssllabs.com/ssltest/analyze.html?d=davidfavor.com&latest + be sure to go through every line of this report, as some lines relate to strength of security + other lines relate to speed of your connections.

In your SSL config, there will be a place to completely disable SSL2 + SSL3. Be sure to disable these + this will likely fix your problem.
1
 
David TothAuthor Commented:
Thank very much you for your answer!

I tested my browser and it does not support SSL3. In my delphi code I set the SSLOptions.Method:=sslvTLSv1_2. So I do not understand why this error returs all the time... Do you have any other idea? Is there a way to disable SSL3 in delphi?
0
 
David TothAuthor Commented:
I solved the problem. I used an OpenSSL version, that did not support TLS. I updated it to the latest version and everything works like a charm. :)
0
 
David TothAuthor Commented:
I thought that I used the latest OpenSSL files, but I was wrong. Now I updated it and it solved my problem.
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now