Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
2.7k views
in Technique[技术] by (71.8m points)

delphi - Using Indy 10 IdHTTP with TLS 1.2

Im using Delphi XE2 with Indy 10.5.8.0

Currently i need to change a connection to one of our server to use only TLS 1.2, at the moment we are using TLS 1.0

As handler for IdHTTP , IdSSLIOHandlerSocketOpenSSL is being used.

I tried changing the Method to sslvTLSv1_2 and it does not work as the connection gives the next error: "Error connecting with SSL. error:1409442E:SSL routine:SSL3_READ_BYTES:tlsv 1 alert protocol version"

Im using the Default Cipher list, not sure if i need any specific Cipher (Currently asking to Server provider to know what cipher they use)

this is the configuration of Handler:

SSLIOHandler Config

Im not used to SSL connections as before this it was working with default setting and all was OK.

I tried to check WireShark and in both cases (when method is sslvTLSv1_2 or sslvTLSv1) i get the same error pointing to tls version 1.0.

Method sslvTLSv1:

Method sslvTLSv1

Method sslvTLSv1_2:

enter image description here

Please point me in the right direction if im missing something.

Thank you in advance for all the help provided.

P.S : Just got a response from the server provider and they are using AES_128_GCM as their Cipher, is it in the default Cipher list?

WireShark>Client Hello package:

enter image description here enter image description here

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Just in case some one comes by a similar error, in my case it was the SSL Library (libeay32, ssleay32) that was being used, it was outdated (year 2010). When updated the SSL it worked out correctly without any error.

Thank you @RemyLebeau for pointing that it was an update issue =)


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...