Recent

Author Topic: OpenSSL 3.0 vs Indy's 1.0.2 + Generating .CSR + HTTPS  (Read 5655 times)

Remy Lebeau

  • Hero Member
  • *****
  • Posts: 1312
    • Lebeau Software
Re: OpenSSL 3.0 vs Indy's 1.0.2 + Generating .CSR + HTTPS
« Reply #15 on: March 31, 2023, 01:26:36 am »
Now the only suitable Units I found are:
IdOpenSSLIOHandlerClientBase
IdOpenSSLIOHandlerClient
IdOpenSSLIOHandlerClientServer
IdOpenSSLIOHandlerServer

And tried to look for the SSLIOHandler that I can use from them, that can set the TLSv1.3 but couldn't find that. Am I using the correct Units here?

Yes, you are.

Both TIdOpenSSLIOHandlerClient and TIdOpenSSLIOHandlerServer have Options.TLSVersion(Minimum|Maximum) properties, which can be set as low as SSLv3 and as high as TLSv1_3.
Remy Lebeau
Lebeau Software - Owner, Developer
Internet Direct (Indy) - Admin, Developer (Support forum)

JZS

  • Full Member
  • ***
  • Posts: 194
Re: OpenSSL 3.0 vs Indy's 1.0.2 + Generating .CSR + HTTPS
« Reply #16 on: March 31, 2023, 01:41:08 pm »
Both TIdOpenSSLIOHandlerClient and TIdOpenSSLIOHandlerServer have Options.TLSVersion(Minimum|Maximum) properties, which can be set as low as SSLv3 and as high as TLSv1_3.

Many thanks Remy. It worked.
Really appreciate your support and all what you have been contributing over the years.
As PizzaProgram mentioned, you are a hero to me too. You somehow remind me of BigChimp (Reinier). Always available and always giving to the community, and I know it is not easy.

Thank you.
I use recent stable release

JZS

  • Full Member
  • ***
  • Posts: 194
Re: OpenSSL 3.0 vs Indy's 1.0.2 + Generating .CSR + HTTPS
« Reply #17 on: March 31, 2023, 01:58:27 pm »

I just wanted to share my "final experience" after 1 year:
  • I had to drop Lazarus, and switch back to Delphi7, because Lazarus could not create a special (non-standard) version of JWS signature the Goverment demanded.
  • I've used ICS for the whole project including JSON generation + SSL3 + JWS + some special HTTPS stream-readout, (when the there was some different response code then 200=OK).

So ICS was a great choice, I can recommend it, but sadly it does not run on Lazarus  :(

What a bummer. I have had this thought several times, when things seem to stop complying on Lazarus, very quickly, Delphi 7 comes in mind.
But never had to abandon Lazarus, with little persistence (oh am very stubborn) things start to come around.

But am glad things worked out for you as you hoped. That all that matters here. We gotta make living. Keep it up.
« Last Edit: March 31, 2023, 02:00:29 pm by JZS »
I use recent stable release

zeljkoc

  • Full Member
  • ***
  • Posts: 145
    • Zeljko Cvijanovic
Re: OpenSSL 3.0 vs Indy's 1.0.2 + Generating .CSR + HTTPS
« Reply #18 on: February 01, 2024, 08:27:33 pm »
This was working with me
Server,
Client
SSl
example

path ssl add ssh/linux/libssl.so.3 and ssh/linux/libcrypto.so.3
« Last Edit: February 01, 2024, 08:31:32 pm by zeljkoc »

Thaddy

  • Hero Member
  • *****
  • Posts: 14197
  • Probably until I exterminate Putin.
Re: OpenSSL 3.0 vs Indy's 1.0.2 + Generating .CSR + HTTPS
« Reply #19 on: February 02, 2024, 07:31:28 am »
Why is SSLv3 still allowed? (Or tls1.0) Hey it is 2024, not 1999 /2014 (POODLE discovery, actually confirmation)
AFAIK OpenSLL binaries do not support it anymore for a long time, unless you recompile the binaries yourself with legacy flags.. So such a fall-back can cause a crash...
and is highly insecure.
People asking about sslv3 support should be punished. TLS was introduced 25 years ago, 1999, so what? Who was asleep for the past 25 years?

That said, openssl 3.0 works fine with freepascal. do not mix up openssl 3.0 with sslv3, though. Older versions of openssl have still lts support.
« Last Edit: February 02, 2024, 08:48:08 am by Thaddy »
Specialize a type, not a var.

zeljkoc

  • Full Member
  • ***
  • Posts: 145
    • Zeljko Cvijanovic
Re: OpenSSL 3.0 vs Indy's 1.0.2 + Generating .CSR + HTTPS
« Reply #20 on: February 02, 2024, 01:42:29 pm »
I am not informed if you are using the old multiplication table.

1999. 2 x 2 = 4
2024. 2 x 2 = 4

 

TinyPortal © 2005-2018