如何使用Synapse建立安全连接?
我正在测试 Synapse,想知道如何建立安全连接。我注意到它支持 SSL,但我不确定它是否适合我的需要。我没有 CA 的证书。我只想加密服务器程序和客户端程序之间的所有数据。当然,我可以在发送之前自己加密数据。但如果 SSL 可以加密数据,也许我就可以使用它。据我所知,SSL是用于“加密”和“身份验证”。我需要的只是“加密”。 Synapse 可以吗?
更新:
感谢 daemon_x 和 Synapse 作者 Lukas Gebauer 的帮助,我想我终于让它工作了。以下是我所做的:
服务器端:
1)在您的设备中使用 ssl_openssl 并将“libeay32.dll”和“ssleay32.dll”放入 exe 文件的同一目录中
2)连接后接受,为新创建的套接字添加以下代码行。
fclient.SSLAcceptConnection;
客户端:
1)在您的设备中使用ssl_openssl,并将'libeay32.dll'和'ssleay32.dll'放入exe文件的同一目录中
2)连接到服务器后,添加以下行。
fclient.SSLDoConnect;
如果没有发生错误,则连接现在是安全的。但是,当您运行代码时,如 Synapse 文档中所述,您可能会注意到 SSLAcceptConnection 需要一些时间才能返回。因此,如果您想加快速度,最好预先创建证书文件和私钥文件。并在 SSLAcceptConnection 前添加以下代码
fclient.SSL.CertificateFile := 'bs-cert';
fclient.SSL.PrivateKeyFile := 'bs-privatekey';
如果您没有证书和私钥,请参考 ssl_openssl 中的“CreateSelfSignedCert”获取自签名证书和私钥。您可以通过 WriteStrToStream 将 FCertificate 和 FPrivatekey 保存到文件中,并在以后使用它们。
I'm testing Synapse and want to know how can I establish a secure connection. I noticed it supports SSL, but I'm not sure whether it suits my needs. I don't have a certificate from CA. I just want to encrypt all data between my server program and client program. Sure, I can encrypt the data myself before sending out. But if SSL can encrypt the data, maybe I can just use it. From what I know, SSL is for "encryption" and "authentication". What I need is only "encryption". Is it possible with Synapse?
UPDATE:
Thanks for helping from daemon_x and the author of Synapse, Lukas Gebauer, I think I finally make it work. Here are what I did:
Server Side:
1) Uses ssl_openssl in your unit and put 'libeay32.dll' and 'ssleay32.dll' to the same directory of the exe file
2) After a connection is accepted, add following lines of code for the newly created socket.
fclient.SSLAcceptConnection;
Client side:
1) Uses ssl_openssl in your unit and put 'libeay32.dll' and 'ssleay32.dll' to the same directory of the exe file
2) After connected to the server, add following line.
fclient.SSLDoConnect;
If no error occurred, the connection is secure now. But when you run your code, as said in document of Synapse, you may notice that the SSLAcceptConnection takes some time to return. So if you want to speed things up, you better create a certificate file and private key file upfront. And add following code before SSLAcceptConnection
fclient.SSL.CertificateFile := 'bs-cert';
fclient.SSL.PrivateKeyFile := 'bs-privatekey';
If you don't have a certificate and private key, please refer to "CreateSelfSignedCert" in ssl_openssl for getting a self-signed certificate and private key. You can save, by WriteStrToStream for example, FCertificate and FPrivatekey to files and use them later.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
是的;您可以使用 Synapse 附带的插件之一。正如那里也提到的,最好是使用 ssl_openssl.pas。如果您决定遵循这一点,除了 Sysapse 之外,您还需要 OpenSSL 库。作者推荐 OpenSSL 0.9.7 但正如他在我们本地所说的那样论坛似乎也适用于 OpenSSL 1.0.0d。
请注意,如果您使用的是 D2009 以上,您将需要 Unicode 支持,但该版本尚未完全支持。请下载最新版本。
以下示例代码接收前 1024 个字节,作为对使用 SSL 加密的安全网站的
HTTP GET方法的响应。我用过它 OpenSSL 0.9.8h 与 Synapse 的最新版本。请注意,您需要将 OpenSSL 包中的 libssl32.dll 和 libeay32.dll 放入输出目录中才能正常工作。让我们有一个带有按钮和备忘录的表单,我们可以在其中接收结果。Yes it is; you can use one of the plugins shipped with Synapse. As it's also mentioned there, the best is to use the ssl_openssl.pas. If you decide to follow this one you will need except Sysapse also the OpenSSL library. Author recommends OpenSSL 0.9.7 but as he said on our local forum it seems to works also with OpenSSL 1.0.0d.
Note if you are using D2009 up you will need a Unicode support which is not fully supported in version. Download the latest version instead.
The following sample code receives first 1024 bytes as a response to the
HTTP GETmethod of a secured website using SSL encryption. I've used for it OpenSSL 0.9.8h with the latest version of Synapse. Note you need to putlibssl32.dllandlibeay32.dllfrom theOpenSSLpackage into your output directory to make it work properly. Let's have a form with a button and memo where we receive a result.