It appears that Indy 10 doesn't require the RootCertFile if the Server cert is trusted by the OS.
Is this correct or is there more to it on other platforms or other situations?
OpenSSL:=TIdServerIOHandlerSSLOpenSSL.Create;
with OpenSSL.SSLOptions do begin
CertFile := 'Server.crt.pem';
KeyFile := 'Server.key.pem';
RootCertFile := ''; // OK to not specify if the RootCA.crt.pem is trusted by the OS?
end;
Since the RootCertFile is not required, the password won't be requested.
with OpenSSL do begin
OnGetPassword := @OpenSSLGetPassword;
end;