Forum > Networking and Web Programming

Load Cert+Key into Ararat Synapse OpenSSL from string?

(1/3) > >>

PizzaProgram:
Hi,
 What if I have the Private Key and Public Certificate as "string" (and not as File) ?
How do I load it?
For example:

--- Code: Pascal  [+][-]window.onload = function(){var x1 = document.getElementById("main_content_section"); if (x1) { var x = document.getElementsByClassName("geshi");for (var i = 0; i < x.length; i++) { x[i].style.maxHeight='none'; x[i].style.height = Math.min(x[i].clientHeight+15,306)+'px'; x[i].style.resize = "vertical";}};} ---uses httpsend, ssl_openssl;constc_CER: AnsiString = '-----BEGIN CERTIFICATE-----'#10+'MIIG4DC ... '...var    HTTP: THTTPSend;begin    HTTP := THTTPSend.Create;    HTTP.Sock.SSL.Certificate := c_CER;    HTTP.Sock.SSL.PrivateKey  := c_priv_key;    HTTP.Sock.SSl.VerifyCert  := True;  
This is not working. Http error code 500 .
I guess I have to "digest" the Base64 code into raw bytes.
But How ?

PizzaProgram:
With this technique:

--- Code: Pascal  [+][-]window.onload = function(){var x1 = document.getElementById("main_content_section"); if (x1) { var x = document.getElementsByClassName("geshi");for (var i = 0; i < x.length; i++) { x[i].style.maxHeight='none'; x[i].style.height = Math.min(x[i].clientHeight+15,306)+'px'; x[i].style.resize = "vertical";}};} ---TSSLOpenSSL(HTTP.Sock.SSL).LastErrorDesc
I am able to get a proper error msg:

--- Code: ---error:068000A8:asn1 encoding routines::wrong tag
--- End code ---

zeljko:

--- Quote from: PizzaProgram on May 08, 2022, 04:13:19 pm ---Hi,
 What if I have the Private Key and Public Certificate as "string" (and not as File) ?
How do I load it?
For example:

--- Code: Pascal  [+][-]window.onload = function(){var x1 = document.getElementById("main_content_section"); if (x1) { var x = document.getElementsByClassName("geshi");for (var i = 0; i < x.length; i++) { x[i].style.maxHeight='none'; x[i].style.height = Math.min(x[i].clientHeight+15,306)+'px'; x[i].style.resize = "vertical";}};} ---uses httpsend, ssl_openssl;constc_CER: AnsiString = '-----BEGIN CERTIFICATE-----'#10+'MIIG4DC ... '...var    HTTP: THTTPSend;begin    HTTP := THTTPSend.Create;    HTTP.Sock.SSL.Certificate := c_CER;    HTTP.Sock.SSL.PrivateKey  := c_priv_key;    HTTP.Sock.SSl.VerifyCert  := True;  
This is not working. Http error code 500 .
I guess I have to "digest" the Base64 code into raw bytes.
But How ?

--- End quote ---

Probably it expects filename instead of certificate data ?

PierceNg:

--- Quote from: PizzaProgram on May 08, 2022, 04:13:19 pm ---Hi,
 What if I have the Private Key and Public Certificate as "string" (and not as File) ?

--- End quote ---

Why not just save the data you have as files?

An X.509 public key certificate has an expiry date. When one expires, you may get a replacement certificate for the same private key, or you may get a certificate for a new private key. If you embed key and cert in your source code, then you'll have to rebuild your program when the time comes. If the data is kept in files outside your executable program, you just replace the files. Remember to secure the private key using operating system file permissions at least.

PizzaProgram:

--- Quote from: PierceNg on May 09, 2022, 05:08:40 am ---Why not just save the data you have as files?

--- End quote ---

Because of 2 reasons:
 - the cert + key strings are stored in a database, distributing it to every client PC
 - revealing it by saving it to a file on every PC is very unsecure! Anybody could simply copy them to a PenDrive.

It would be better, if it would work, as it should and I could feed the string directly.
I'm starting to think, it's a bug?

Navigation

[0] Message Index

[#] Next page

Go to full version