结合使用Indy 10 IdHTTP和TLS 1.2 [英] Using Indy 10 IdHTTP with TLS 1.2
问题描述
Im使用带有Indy 10.5.8.0的Delphi XE2
Im using Delphi XE2 with Indy 10.5.8.0
当前,我需要更改与我们服务器之一的连接,以仅使用TLS 1.2。使用TLS 1.0
Currently i need to change a connection to one of our server to use only TLS 1.2, at the moment we are using TLS 1.0
作为IdHTTP的处理程序,正在使用IdSSLIOHandlerSocketOpenSSL。
As handler for IdHTTP , IdSSLIOHandlerSocketOpenSSL is being used.
我尝试将方法更改为sslvTLSv1_2并且它不起作用,因为该连接给出了下一个错误:
使用SSL连接时出错。错误:1409442E:SSL例程:SSL3_READ_BYTES:tlsv 1警报协议版本
I tried changing the Method to sslvTLSv1_2 and it does not work as the connection gives the next error: "Error connecting with SSL. error:1409442E:SSL routine:SSL3_READ_BYTES:tlsv 1 alert protocol version"
我正在使用默认密码列表,不确定我是否需要任何特定的密码(当前要求服务器提供商知道他们使用的密码)
Im using the Default Cipher list, not sure if i need any specific Cipher (Currently asking to Server provider to know what cipher they use)
这是配置的处理程序:
我不像以前那样习惯于SSL连接
Im not used to SSL connections as before this it was working with default setting and all was OK.
I试图检查WireShark,并且在两种情况下(方法为sslvTLSv1_2或sslvTLSv1时)我都遇到指向tls 1.0版的相同错误。
I tried to check WireShark and in both cases (when method is sslvTLSv1_2 or sslvTLSv1) i get the same error pointing to tls version 1.0.
方法sslvTLSv1:
Method sslvTLSv1:
方法sslvTLSv1_2:
Method sslvTLSv1_2:
如果我错过了一些东西,请指出正确的方向。
Please point me in the right direction if im missing something.
在此先感谢您提供的所有帮助。
Thank you in advance for all the help provided.
PS:刚从服务器提供商处获得了响应,他们正在使用AES_128_GCM作为密码,
P.S : Just got a response from the server provider and they are using AES_128_GCM as their Cipher, is it in the default Cipher list?
WireShark>客户端问候包:
WireShark>Client Hello package:
推荐答案
以防万一有人遇到类似的错误,在我的情况下,正是使用的SSL库(libeay32,ssleay32)已经过时(2010年)。更新SSL后,它可以正常工作而没有任何错误。
Just in case some one comes by a similar error, in my case it was the SSL Library (libeay32, ssleay32) that was being used, it was outdated (year 2010). When updated the SSL it worked out correctly without any error.
感谢@RemyLebeau指出这是一个更新问题=)
Thank you @RemyLebeau for pointing that it was an update issue =)
这篇关于结合使用Indy 10 IdHTTP和TLS 1.2的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
