Hi, the goal is: to get SSL working on a working combination of Delphi 7 TCP/IP client and server, using Indy 9 TCP/IP and SSL components. OpenSSL libraries: 0.9.6m.
On server side:
object IdTCPServer: TIdTCPServer
  Bindings = <
    item
      IP = '0.0.0.0'
      Port = 7
    end
    item
      IP = '192.168.226.1'
      Port = 11
    end
    item
      IP = '192.168.157.1'
      Port = 20
    end>
  CommandHandlers = <>
  DefaultPort = 0
  Greeting.NumericCode = 0
  IOHandler = IdServerIOHandlerSSL1
  MaxConnectionReply.NumericCode = 0
  OnConnect = IdTCPServerConnect
  OnExecute = IdTCPServerExecute
  ReplyExceptionCode = 0
  ReplyTexts = <>
  ReplyUnknownCommand.NumericCode = 0
  Left = 312
  Top = 4
end
object IdServerIOHandlerSSL1: TIdServerIOHandlerSSL
  SSLOptions.Method = sslvSSLv3
  SSLOptions.Mode = sslmServer
  SSLOptions.VerifyMode = []
  SSLOptions.VerifyDepth = 0
  SSLOptions.CipherList = 'EDH-RSA-DES-CBC3-SHA'
  OnStatusInfo = IdServerIOHandlerSSL1StatusInfo
  Left = 160
  Top = 16
end
On client side:
object IdTCPClient: TIdTCPClient
  OnStatus = IdTCPClientStatus
  IOHandler = IdSSLIOHandlerSocket1
  MaxLineAction = maException
  ReadTimeout = 0
  OnDisconnected = IdTCPClientDisconnected
  OnConnected = IdTCPClientConnected
  Port = 0
  Left = 212
  Top = 4
end
object IdSSLIOHandlerSocket1: TIdSSLIOHandlerSocket
  UseNagle = False
  SSLOptions.Method = sslvSSLv3
  SSLOptions.Mode = sslmClient
  SSLOptions.VerifyMode = []
  SSLOptions.VerifyDepth = 0
  SSLOptions.CipherList = 'EDH-RSA-DES-CBC3-SHA'
  OnStatusInfo = IdSSLIOHandlerSocket1StatusInfo
  Left = 336
  Top = 64
end
On starting the server, the CipherList apparently loads fine (had earlier problems trying to include a cipher that was not catered for in OpenSSL, but this one is).
On trying to connect from client to server the OnStatusInfo event fires with the following messages on the client side:
SSL status: "before/connect initialization"
SSL status: "before/connect initialization"
SSL status: "SSLv3 write client hello A"
SSL status: "SSLv3 read server hello A"
SSL status: "SSLv3 read server hello A"
On the server side:
SSL status: "before/connect initialization"
SSL status: "before/connect initialization"
SSL status: "SSLv3 read client hello C"
SSL status: "SSLv3 read client hello C"
Then the client brings up: "Error connecting with SSL".
I understand that this should work even without certificate files (though that will be a next step).
Would anybody have any idea why this falls over? Many thanks in advance.