Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Could not load root certificate
#1
Hello,

I have a problem with loading my certificates with the indy server.

If i link my application with 64 bit static libraries i receive this exception message (EidOSSLLoadingCRootCertError) at startup:

Could not load root certificate.
error:00000000:lib(0):func(0):reason(0)

Working with 32/64 bit dynamic packages and 32 bit static libraries is OK.
Startup with HTTP.SYS is OK, but i can't open my website with my self signed certificate by any browser.

This are the linked libraries:

#ifdef USEPACKAGES
#pragma message "Link with packges"
#pragma link "IndyCore.bpi"
#pragma link "IndySystem.bpi"
#pragma link "IndyProtocols.bpi"
#pragma link "Intraweb_15_D10_2.bpi"
#elif _WIN64
#pragma message "Link with static libraries (64 Bit)"
#pragma link "IndyCore.a"
#pragma link "IndySystem.a"
#pragma link "IndyProtocols.a"
#pragma link "Intraweb_15_D10_2.a"
#elif _WIN32
#pragma message "Link with static libraries (32 Bit)"
#pragma link "IndyCore.lib"
#pragma link "IndySystem.lib"
#pragma link "IndyProtocols.lib"
#pragma link "Intraweb_15_D10_2.lib"
#endif

C++Builder 10.2.3
Intraweb 15.0.14

Do i need any other 64 bit libraries or anything else ?

Best regards
Juergen
Reply
#2
Hi,

you mention Indy and HTTP.SYS so I'm a little confuse about the one you are actually trying to use.

HTTP.SYS relies on Windows to handle security so it should be transparent to your application.

For Indy: I believe you have the appropriate OpenSSL dlls in the same folder, right? Seems that it is failing to load the root certificate, not your own certificate. Is it available too?
Reply
#3
Hi Alexandre,

For the development i have created my own self signed certificate chain, including the root certificate. But i don't think, that the problem is related to my certificates, since the error arises also, if i use the ATOZED example certificates.

During the development i want to use the indy server.
The OpenSSL libraries are from  Frederik A. Winkelsdorf ( v1.0.2o, Mar 27, 2018)

libeay32.dll
ssleay32.dll

This is the call stack:

:00007ffb93f0a388
:000000000078ac66 ; System::_RaiseAtExcept(System::TObject*, void*)
:000000000078ac91 ; System::_RaiseExcept(System::TObject*)
:00000000009b61e9 ; Insslopensslheaders::EIdOpenSSLAPICryptoError::RaiseExceptionCode(unsigned int, System::UnicodeString)
:00000000009b607f ; Insslopensslheaders::EIdOpenSSLAPICryptoError::RaiseException(System::UnicodeString)
:00000000009c7349 ; Insslopenssl::TInSSLContext::InitContext(Insslopenssl::TInSSLCtxMode)
:00000000009c5588 ; Insslopenssl::TInServerIOHandlerSSLOpenSSL::Init()
:00000000008c5d7f ; Incustomtcpserver::TInCustomTCPServer::Startup()
:00000000008d1230 ; Incustomhttpserver::TInCustomHTTPServer::Startup()
:00000000008c52fc ; Incustomtcpserver::TInCustomTCPServer::SetActive(bool)
:00000000009cdd17 ; Iw::Server::Httpindy::THTTPServerIndy::SetHTTPS()
:00000000009cb22d ; Iw::Server::Httpindy::THTTPServerIndy::InitHTTPS()
:00000000009cf2dd ; Iw::Server::Indy::TSaServerIndy::Start()
:0000000000996a36 ; Iwstandaloneserver::TIWStandAloneServer::Start(System::Classes::TComponentClass)
:0000000000a3cfa4 ; Iwmain::TFormIWMain::Start(System::Classes::TComponentClass)
:0000000000a3e4ae ; Iwstart::TIWStart:Big GrinoShowUI()
:0000000000a3e1d9 ; Iwstartbase::TIWStartBase::Run()
:0000000000a3e061 ; Iwstartbase::TIWStartBase::Execute(bool)
:000000000040cb17 ; wWinMain
:00000000061C318C ; ???
:00000000322082F5 ; C:\Program Files (x86)\Embarcadero\Studio\19.0\bin64\CC64250MT.DLL

The problem only occurs, if i link with the 64 bit static libraries, all other configurations work well.

Best regards
Juergen
Reply
#4
Hi,

meanwhile i'm using

C++Builder 10.3
Intraweb 15.0.15

but the problem is not fixed yet with the new versions.
I just would like to know, if there is any new information available?

Best regards
Juergen
Reply
#5
Can you please check if your C++ Builder settings are pointing to the right place in

Tools -> Options -> C++ Options -> Paths & Directories -> System Include Path / Library Path ?

Also, I'm not sure about these Open SSL DLLs. We recommend to use Indy Fulgan distros, which have been working well with Indy.

Can you please try these and see if you get a different result: https://indy.fulgan.com/SSL/ ?
Reply
#6
Hi,

i have checked the environment path and also renamed the directories from an older C++Builder version.
The Open SSL Dlls seem to be the same source and version, but i have downloaded and used them anyway.

The result is the same still.

I could provide a simple example, which i created from scratch,
but it requires the latest patch for C++Builder 10.3 or C++Builder 10.3.1 since there was this linker error in C++Builder 10.3:

c:\program files (x86)\embarcadero\studio\20.0\Bin\CodeGear.Cpp.Targets(3711,5): error : Error: Unresolved external '_lseek' referenced from C:\PROGRAM FILES (X86)\EMBARCADERO\STUDIO\20.0\LIB\WIN64\RELEASE\DE\RTL.A|System.ZLib.o
[ilink64 Fehler] Error: Unresolved external '_lseek' referenced from C:\PROGRAM FILES (X86)\EMBARCADERO\STUDIO\20.0\LIB\WIN64\RELEASE\DE\RTL.A|System.ZLib.o

Best Regards
Juergen
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)