Discussion:
How do I do SSL in Delphi 6?
(too old to reply)
Dan
2008-06-18 00:07:21 UTC
Permalink
Hi, I'm trying to get SSL up. For SSL do I need a CertFile, KeyFile, and
RootCertFile? If so where can I apply for those other than paying verisign
a ton of money?

Also when I put the component down and set it as the intercept for a
HTTPServer, I get an error that I'm missing DLLs, something like eys.dll and
ssleas.dll (don't remember the exact names), but I grabbed the newest
versions of those dlls, and put them in the same directory as the exe, and
it still couldn't find them.

- Dan
Dan
2008-06-18 00:55:43 UTC
Permalink
For SSL do I need a CertFile, KeyFile, and RootCertFile?
Yes.
Also when I put the component down and set it as the intercept for
a HTTPServer, I get an error that I'm missing DLLs, something like
eys.dll and ssleas.dll (don't remember the exact names)
Those are the OpenSSL DLLs. Those files are required. Since you are
using an older Indy version, you will have to use the custom-made DLLs
http://www.indyproject.org/Sockets/SSL.EN.aspx
I grabbed the newest versions of those dlls, and put them in the same
directory as the exe, and it still couldn't find them.
You can't use the official OpenSSL DLLs with the version of Indy you are
using.
Thanks again Remy, I got the two DLLs from the site you pointed me to,
although now I'm getting an error of "error accepting connection SSL". I'm
guessing this is because I have the SSL options set wrong, and the lack of
CertFile, KeyFile, and RootCertFile.

Does anyone know of a certificate authority which will give me a free
certificate? Generating your own certificate is a major hassle.

- Dan
Adrien Reboisson
2008-06-18 10:26:24 UTC
Permalink
Hi,
Post by Dan
Thanks again Remy, I got the two DLLs from the site you pointed me to,
although now I'm getting an error of "error accepting connection SSL".
I'm guessing this is because I have the SSL options set wrong, and the
lack of CertFile, KeyFile, and RootCertFile.
In most cases that's because OpenSSL does not accept the server
certificate. Is the server's certificate self-signed ?
Post by Dan
Does anyone know of a certificate authority which will give me a free
certificate? Generating your own certificate is a major hassle.
If you install OpenSSL, you can create your own certificates quite
easily. There is a lot of articles on the Web, especially on how to
create server certificates for the Apache webserver. Nevertheless, if
you're on the client side and you don't want to "prove" your identity
(you just want to check the server one), you don't need these files.

Regards,

A.R.
Adrien Reboisson
2008-06-18 11:15:31 UTC
Permalink
Post by Adrien Reboisson
In most cases that's because OpenSSL does not accept the server
certificate. Is the server's certificate self-signed ?
Sorry, I thought you used a TIdHTTP component instead of a TIdHTTPServer
:-) In this case, yes, you really need these files !

A.R.

Remy Lebeau (TeamB)
2008-06-18 00:38:49 UTC
Permalink
For SSL do I need a CertFile, KeyFile, and RootCertFile?
Yes.
Also when I put the component down and set it as the intercept for
a HTTPServer, I get an error that I'm missing DLLs, something like
eys.dll and ssleas.dll (don't remember the exact names)
Those are the OpenSSL DLLs. Those files are required. Since you are using
an older Indy version, you will have to use the custom-made DLLs that are
linked to on Indy's website:

http://www.indyproject.org/Sockets/SSL.EN.aspx
I grabbed the newest versions of those dlls, and put them in the same
directory as the exe, and it still couldn't find them.
You can't use the official OpenSSL DLLs with the version of Indy you are
using.


Gambit
Loading...