Recent

Author Topic: [SOLVED] Windows HTTPS server help request  (Read 1746 times)

JimD

  • Jr. Member
  • **
  • Posts: 62
[SOLVED] Windows HTTPS server help request
« on: March 05, 2019, 04:28:31 pm »
I have extensively researched and I'm totally lost - any pointers will be very helpful.

fcl-web: Nice package, and I have been successful creating an HTTP server.  Apparently there is no HTTPS support now or in the near future - correct?

indy: Very good with higher level httpserver class. HTTP server is no problem, but I cannot get an HTTPS server to work.  The error is code 10013.  I have several code samples all basically the same so I think the code is fine, but I'm not configuring OpenSSL properly.  What version of OpenSSL is supported by Indy9 or Indy10?

synapse: Very good with lower level classes means you have to implement more code for an HTTP server  What version of OpenSSL is suppored by synapse36 or synapse40?

If you have any working examples for my config, including certificates and keys for testing, would make you my HERO!
My Config: Win10 Home 64-bit, Lazarus 1.8.2, FPC 3.0.4 64

Once I can get the compatible versions nailed down, then I can share some code.

I am not interested in adding any design-time visual components to Lazarus.  My final application will be a daemon so I am only using the run time source for these packages. It will only be used by me for remote file access to my PC, so nothing super complicated needed.

I cant seem to convert several Delphi examples because they have visual component objects in the form and I don't know how to convert this to Lazarus. I tried installed the lazarus design time packages and adding to the Lazarus form after the conversion, but they won't compile so I'm doing something wrong.

Here are just a few of the many examples that I cannot get to work:

indy-10.2.0.3
  https://github.com/petr-nehez/Indy10Demos/tree/master/Demo%20Base

Snapse36, synapse40, and trunk r209:
  http demo plus this http://synapse.ararat.cz/doku.php/public:howto:httpsserver
  https demo with the test cert and keys




« Last Edit: March 06, 2019, 01:48:56 pm by jasc2v8 »

Thaddy

  • Hero Member
  • *****
  • Posts: 8197
Re: Windows HTTPS server help request
« Reply #1 on: March 05, 2019, 04:58:59 pm »
Well, your research wasn't that extensive....to say the least....
Apart from Indy - which I don't use for historical reasons - including the ssl_openssl unit is enough in the other cases. Btw: don't use 90's software like Synapse 3. Use 4 or even 4.1 from Synapse trunk.
Read the manuals and if you are a professional get a proper education in computer science. Makes the forum a lot cleaner.

JimD

  • Jr. Member
  • **
  • Posts: 62
Re: Windows HTTPS server help request
« Reply #2 on: March 05, 2019, 10:12:02 pm »
what more current software would you recommend for an HTTPS server?

Remy Lebeau

  • Hero Member
  • *****
  • Posts: 626
    • Lebeau Software
Re: Windows HTTPS server help request
« Reply #3 on: March 06, 2019, 12:43:47 am »
indy: Very good with higher level httpserver class. HTTP server is no problem, but I cannot get an HTTPS server to work.

Indy's TIdHTTPServer supports HTTPS, provided that you have:

- assigned a TIdServerIOHandlerSSLBase-derived component, such as TIdServerIOHandlerSSLOpenSSL, to the TIdHTTPServer.IOHandler property.

- in the case of TIdServerIOHandlerSSLOpenSSL specifically, that you have deployed the proper OpenSSL DLLs (ssleay32.dll and libeay32.dll) with your app.

- created an item in the TIdHTTPServer.Bindings collection for your chosen HTTPS port (the default HTTPS port is 443).

- assigned a handler to the TIdHTTPServer.OnQuerySSLPort event to specify whether or not the port a client has connected to is an HTTPS port (note, this is now optional as of May 2018 for port 443 - see Behavioral change to HTTPS handling in TIdHTTPServer).

The error is code 10013.

That is WSAEACCES (Permission Denied).  It is very unlikely that you would be seeing that error code in this situation, unless you are trying to bind your server to an IP/Port that is already in use for exclusive access by another app.

I have several code samples all basically the same so I think the code is fine, but I'm not configuring OpenSSL properly.

WSAEACCES is not related to the OpenSSL configuration.

What version of OpenSSL is supported by Indy9 or Indy10?

Indy 9 supports OpenSSL 0.9.6 and earlier.  And even then, it requires custom-made OpenSSL DLLs, which are available at https://indy.fulgan.com/SSL/Archive/.

Indy 10 supports OpenSSL 1.0.2 and earlier, and uses standard OpenSSL DLLs.

indy-10.2.0.3
  https://github.com/petr-nehez/Indy10Demos/tree/master/Demo%20Base

10.2.3 is an EXTREMELY old version of Indy 10.  The current version is 10.6.2.

Besides, that demo is not for TIdHTTPServer, it is for TIdTCPServer, and it does NOTHING to handle SSL/TLS at all.

Perhaps you meant https://github.com/petr-nehez/Indy10Demos/tree/master/HTTP/SSL%20Server instead?  It is an HTTPS server demo using TIdHTTPServer and TIdServerIOHandlerSSLOpenSSL.
« Last Edit: March 06, 2019, 12:50:07 am by Remy Lebeau »
Remy Lebeau
Lebeau Software - Owner, Developer
Internet Direct (Indy) - Admin, Developer (Support forum)

JimD

  • Jr. Member
  • **
  • Posts: 62
Re: Windows HTTPS server help request
« Reply #4 on: March 06, 2019, 01:48:31 pm »
Remy - your assistance on this and many other topics on this forum is VERY appreciated - thank you!

>Indy 9 supports OpenSSL 0.9.6 and earlier with custom-made OpenSSL DLLs at https://indy.fulgan.com/SSL/Archive/
I found indy_OpenSSL096m.zip

>Indy 10.6.2 supports OpenSSL 1.0.2 and earlier, and uses standard OpenSSL DLLs.
I found Indy 10.6.2.5494 and see a couple of http with SSL demos
I found openssl-1.0.2 DLLs from https://www.openssl.org/source/
I have some questions that I'll move to a different topic

Remy Lebeau

  • Hero Member
  • *****
  • Posts: 626
    • Lebeau Software
Re: Windows HTTPS server help request
« Reply #5 on: March 06, 2019, 09:21:21 pm »
I found Indy 10.6.2.5494 and see a couple of http with SSL demos
I found openssl-1.0.2 DLLs from https://www.openssl.org/source/

That is for source code, not binaries.  The OpenSSL devs do not distribute binaries, but there are some links on OpenSSL's wiki:

https://wiki.openssl.org/index.php/Binaries

OpenSSL DLLs for 1.0.2q and 1.0.2r are available at https://indy.fulgan.com/SSL/
Remy Lebeau
Lebeau Software - Owner, Developer
Internet Direct (Indy) - Admin, Developer (Support forum)