(07-17-2019, 02:12 AM)MusicBuddha Wrote: I should have mentioned that I want to use Indy's POP3, and I see that it does TLS but I am really after some way of Doing SSL with Indy.
Nobody uses SSL anymore, as it is no longer secure. Everyone uses TLS nowadays. But, if you happen to be using a legacy server that requires SSL, that is still possible to use with Indy.
As far as Indy is concerned, there is really not much difference between SSL and TLS; it is just a matter of configuration. SSL/TLS protocols are versioned. The difference between SSL and TLS is in the details of which version is used during the handshaking process when establishing a secure session. TLS is basically just a newer version of SSL with more secure features.
When establishing a secure connection, there are two approaches to using SSL/TLS: implicitly and explicitly.
When used implicitly, the client must perform an SSL/TLS handshake immediately upon establishing the TCP connection, before any protocol-related communications can then be exchanged.
When used explicitly, after the TCP connection is established, protocol-related communications are exchanged without SSL/TLS as needed, and then a protocol-specific STARTTLS command (which is "STLS" in POP3) is issued only when the client wishes to ask the server for permission to initiate an SSL/TLS handshake to secure subsequent communications (for instance, after receiving the server's initial greeting and capabilities, and before performing authentication).
To use SSL/TLS in TIdPOP3, assign an appropriate SSLIOHandler component (such as TIdSSLIOHandlerSocketOpenSSL) to the TIdPOP3.IOHandler, and configure it as needed for the desired SSL/TLS version(s) (SSL 2.0, SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2), and then:
- for implicit SSL/TLS, set the TIdPOP3.UseTLS property to utUseImplicitTLS, and the TIdPOP3.Port property to 995.
- for explicit SSL/TLS, set the TIdPOP3.UseTLS property to utUseExplicitTLS, and the TIdPOP3.Port property to 110.
All of that can be done at design-time without writing any code. Or it can be done in code at run-time. Your choice.
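The run-time configuration described in the reply above, as an added example that is not part of the original post or of Indy itself. The host name, credentials and CA bundle path are placeholders, and restricting the handler to TLS 1.2 with peer verification enabled is an assumption of this example rather than something the post prescribes.

```delphi
program Pop3TlsExample;
{$APPTYPE CONSOLE}
uses
  SysUtils, IdPOP3, IdSSLOpenSSL, IdExplicitTLSClientServerBase;

// Hypothetical helper: logs in over implicit or explicit TLS and
// returns the number of messages waiting in the mailbox.
function CheckMailbox(const AHost, AUser, APass: string; AImplicit: Boolean): Integer;
var
  POP3: TIdPOP3;
  SSL: TIdSSLIOHandlerSocketOpenSSL;
begin
  POP3 := TIdPOP3.Create(nil);
  try
    SSL := TIdSSLIOHandlerSocketOpenSSL.Create(POP3); // owned and freed by POP3
    SSL.SSLOptions.Mode := sslmClient;
    // Offer TLS 1.2 only. Add sslvTLSv1_1, sslvTLSv1, sslvSSLv3 or sslvSSLv2
    // to the set only if a legacy server really requires them.
    SSL.SSLOptions.SSLVersions := [sslvTLSv1_2];
    // VerifyMode is empty by default, so the server certificate goes unchecked.
    SSL.SSLOptions.VerifyMode := [sslvrfPeer];
    SSL.SSLOptions.RootCertFile := 'ca-bundle.pem'; // placeholder path
    // Assign the SSL handler before UseTLS; UseTLS requires an SSL IOHandler.
    POP3.IOHandler := SSL;
    if AImplicit then
    begin
      POP3.UseTLS := utUseImplicitTLS; // handshake right after TCP connect
      POP3.Port := 995;
    end else
    begin
      POP3.UseTLS := utUseExplicitTLS; // plain greeting, then STLS, then handshake
      POP3.Port := 110;
    end;
    POP3.Host := AHost;
    POP3.Username := AUser;
    POP3.Password := APass;
    POP3.Connect; // AutoLogin is True by default, so this also authenticates
    try
      Result := POP3.CheckMessages;
    finally
      POP3.Disconnect;
    end;
  finally
    POP3.Free;
  end;
end;

begin
  // Placeholder server and credentials.
  Writeln('Messages: ', CheckMailbox('pop.example.com', 'user', 'secret', True));
end.
```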