Board index » delphi » SSL certificate with TidHTTP client

SSL certificate with TidHTTP client


2008-04-24 12:19:36 AM
delphi7
Hi,
Anyone know how to specify SSL certificate to be used by the TidHTTP client?
I have exported the certificate from my IE web browser to a file "cert.pfx".
Then I converted the cert.pfx to cert.pem using OpenSSL:
openssl pkcs12 -in cert.pfx -out cert.pem -nodes
But then how to use that?
Here is my code:
procedure TForm1.Button1Click(Sender: TObject);
var
URL: string;
ReturnedPage: string;
SSLIOHandler: TIdSSLIOHandlerSocket;
begin
SSLIOHandler:= TIdSSLIOHandlerSocket.Create(nil);
URL := 'https://192.168.20.20/Service.asmx/GetDetails?Id=7768';
try
SSLIOHAndler.SSLOptions.CertFile := 'C:\TidHTTP_SSL\cert.pem';
// h is TidHTTP object
h.IOHandler := SSLIOHandler;
ReturnedPage:= h.Get(URL);
memo1.Text := ReturnedPage;
finally
SSLIOHandler.Free;
end;
end;
I always get HTTP error 403 "Forbidden".
However, I have no problem if I access the web page using the IE web browser.
Anyone know how?
--- posted by geoForum on delphi.newswhat.com
 
 

Re:SSL certificate with TidHTTP client

"delphiXXX" <XXXX@XXXXX.COM>writes
Quote
Anyone know how to specify SSL certificate to be used
by the TidHTTP client?
You already know how, because you are already doing it.
Quote
I always get HTTP error 403 "Forbidden".
Try assigning an OnGetPassword or OnVerifyPeer event handler to the
IOHandler.
Gambit
 

Re:SSL certificate with TidHTTP client

I did that, but the OnGetPassword has never be called.
And I got error "Parameter lists differ" for the OnVerifyPeer.
I took the event definition from:
www.indyproject.org/docsite/html/TVerifyPeerEvent.html
SSLIOHandler.OnGetPassword := o1;
//SSLIOHandler.OnVerifyPeer := v1;
procedure TForm1.o1(var password: string);
begin
Memo1.Lines.Add(password);
end;
//function TForm1.v1(Certificate: TIdX509; AOk: Boolean): Boolean;
//begin
// Memo1.Lines.Add(BoolToStr(AOk, true));
//end;
Do you think that I need to modify (edit) the "cert.pem" file?
Because I saw there are a lot of "BEGIN" and "END" there ...
Quote

"delphiXXX" <XXXX@XXXXX.COM>writes
news:XXXX@XXXXX.COM...

>Anyone know how to specify SSL certificate to be used
>by the TidHTTP client?

You already know how, because you are already doing it.

>I always get HTTP error 403 "Forbidden".

Try assigning an OnGetPassword or OnVerifyPeer event handler to the
IOHandler.


Gambit



--- posted by geoForum on delphi.newswhat.com
 

Re:SSL certificate with TidHTTP client

"delphiXXX" <XXXX@XXXXX.COM>writes
Quote
And I got error "Parameter lists differ" for the OnVerifyPeer.
Then you did not declare it properly.
Quote
I took the event definition from:
www.indyproject.org/docsite/html/TVerifyPeerEvent.html
That documentation is not up to date. There is an additional ADepth
parameter present:
TVerifyPeerEvent = function(Certificate: TIdX509; AOk: Boolean; ADepth:
Integer): Boolean of object;
Gambit