Atozed Forums
Setting up SSL Certificate for TidServerIOHandlerSSLOpenSSL - Printable Version

+- Atozed Forums (https://www.atozed.com/forums)
+-- Forum: Indy (https://www.atozed.com/forums/forum-8.html)
+--- Forum: Indy General Discussion (https://www.atozed.com/forums/forum-9.html)
+--- Thread: Setting up SSL Certificate for TidServerIOHandlerSSLOpenSSL (/thread-1477.html)



Setting up SSL Certificate for TidServerIOHandlerSSLOpenSSL - wolfgang@koeppner-bures.at - 01-08-2020

Hi!
 I have three files from ZeroSSL, account-key.key, domain-crt.txt and domain-csr.txt

I have assigned the .key to the SSLOptions.KeyFile and the domain-crt.txt to SSLOptions.CertFile and SSLOptions.RootCertFile

When I start the program I get the exception "Failed to load root cert", "error:0B084002:x509 certificate routines:X509_load_cert_crl_fileConfusedystem lib"

What am I doing wrong?

Thx


RE: Setting up SSL Certificate for TidServerIOHandlerSSLOpenSSL - kudzu - 01-08-2020

Are you using the right format of certificates? This is for IW, but steps are very similar as IW uses Indy:

https://www.atozed.com/forums/showthread.php?tid=191


RE: Setting up SSL Certificate for TidServerIOHandlerSSLOpenSSL - wolfgang@koeppner-bures.at - 01-08-2020

I get this crazy error:

[Image: attachment.php?aid=209]

All my (test) code is:

Code:
procedure TForm1.Button1Click(Sender: TObject);

begin
  IdHTTPServer1.IOHandler:=SSLStack;
  IdHTTPServer1.Active:=TRUE;
end;

procedure TForm1.FormCreate(Sender: TObject);
begin
SSLStack.SSLOptions.RootCertFile:='C:\Temp\zeroSSL.txt';
SSLStack.SSLOptions.CertFile:='C:\Temp\cert.crt';
SSLStack.SSLOptions.KeyFile:='C:\Temp\key.key';
end;



RE: Setting up SSL Certificate for TidServerIOHandlerSSLOpenSSL - rlebeau - 01-12-2020

The code you showed does not match the error message.

But just out of curiosity, are you using the version of Indy/IW that shipped with RAD Studio 10.3.3? If so, Embarcadero broke Indy's SSL certificate loading code in that version, and recently released a patch to fix it:

ID: 30906, RAD Studio 10.3.3 Indy Server SSL Certificate Patch

Note that Indy's public GitHub code was not affected by that breakage.


RE: Setting up SSL Certificate for TidServerIOHandlerSSLOpenSSL - wolfgang@koeppner-bures.at - 01-13-2020

(01-12-2020, 07:57 PM)rlebeau Wrote: The code you showed does not match the error message.

But just out of curiosity, are you using the version of Indy/IW that shipped with RAD Studio 10.3.3?  If so, Embarcadero broke Indy's SSL certificate loading code in that version, and recently released a patch to fix it:

ID: 30906, RAD Studio 10.3.3 Indy Server SSL Certificate Patch

Note that Indy's public GitHub code was not affected by that breakage.
I'm running Delphi 10.3 Update 3, with the supplied sources...
Thank you very much for the hint!!