Board index » delphi » Indy & SSL...

Indy & SSL...

I am attempting to bring an old Indy app up to the new v. 9.2 components,
but have difficulty.
Any insight is greatly appreciated.

background:
the application in question connects to a servlet on a weblogic
implementation.
It posts an xml message containing a username/password combination and once
verified, sends me back a session ID
This is an off-site server and I have limited access to any trace functions
there to determine what it might be seeing.

The old app worked fine. The new app (TIdSSLIOHandlerSocket) seems like it
may be able to connect via SSL ok, but the data is not transmitted correctly
(or at least as it was before)

the response from the servlet indicates that I have sent it an invalid
request..the request is determined in an element of the XML
posted...therefore the data must not be correct at the server end. If the
username or password was wrong, I would get a different message...anyway the
postdata has not changed from the prior, working version.

From the documentation of the servlet I am connecting to:

 "  The access to the XML Service will be done using HTTPS (SSL3 only) "
"   The header Content-Type: application/x-www-form-urlencoded is
mandatory."

both of these are respected and the post data is url encoded. (nothing has
changed from the working code)

The Trace data below suggests that  SSL works ok, but the data sent is
screwed up...is this assumption correct ?

SSL status: "before/connect initialization"
SSL status: "before/connect initialization"
SSL status: "SSLv3 write client hello A"
SSL status: "SSLv3 read server hello A"
SSL status: "SSLv3 read server certificate A"
SSL status: "SSLv3 read server done A"
SSL status: "SSLv3 write client key exchange A"
SSL status: "SSLv3 write change cipher spec A"
SSL status: "SSLv3 write finished A"
SSL status: "SSLv3 flush data"
SSL status: "SSLv3 read finished A"
SSL status: "SSL negotiation finished successfully"
SSL status: "SSL negotiation finished successfully"
SSL status: "SSL negotiation finished successfully"

 

Re:Indy & SSL...


Can you tell me what is the difference in data?

The most probable cause is the change in IdHttp component, cause ssl does
not modify the content.
Regards,
Gregor

Re:Indy & SSL...


Found it...

IdHttp was resetting the content-type to text/html, which was rejected by
the server in question.
Setting the content-type just before the post works.

Quote
"Gregor Ibic" <gregor.i...@intelicom.si> wrote in message

news:3bcc416f_2@dnews...
Quote
> Can you tell me what is the difference in data?

> The most probable cause is the change in IdHttp component, cause ssl does
> not modify the content.
> Regards,
> Gregor

Other Threads