Indy 10 SSL rootcertfile提供垃圾地址
我将使用C ++构建器10.3与Indy 10组件IDSSSLIOHANDLESOCKETCESL使用,
如果我将客户端设置为主机CA CERT,则可以将TLS连接起来。
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->CertFile = net->clientname;
但是,如果我尝试设置根证书,我会发现一个未找到的文件错误,这是我使用中文字符串的文件名的途径。
net-> idsssliohandlersocketsl-> ssloptions-> rootcertFile = net-> certname;
只要我将rootcertfile字符串空白,我希望添加一个客户证书以验证验证,这意味着我还需要将CA CERT放入根证书文件中。
完整的Intialation:
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->Mode = sslmClient;
net->IdSSLIOHandlerSocketOpenSSL->Host = net->hostname;
net->IdSSLIOHandlerSocketOpenSSL->Port = net->port;
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->DHParamsFile = "";
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->VerifyDirs = "";
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->CipherList = "";
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->CertFile = net->clientname;
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->KeyFile = net->keyname;
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->RootCertFile = net->certname;
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->Method = sslvTLSv1_2;
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->VerifyMode = TIdSSLVerifyModeSet(sslvrfClientOnce);
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->VerifyDepth = 10;
net->IdSSLIOHandlerSocketOpenSSL->OnVerifyPeer = MainForm->VerifyCertFile;
net->IdSSLIOHandlerSocketOpenSSL->ReadTimeout = 10000;
net->IdSSLIOHandlerSocketOpenSSL->Open();
有什么建议为什么我会得到这个奇怪的文件名例外?
I am using C++ Builder 10.3 with the Indy 10 component IdSSLIOHandlerSocketOpenSSL
If I set just the ClientCert to my host CA cert, I can connect TLS fine.
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->CertFile = net->clientname;
However, if I try to set the root certificate I get a file not found error which is the path to my executable with a chinese string for the file name.
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->RootCertFile = net->certname;
As long as I leave the RootCertFile string empty it works, however I wish to add a client certificate for the host to verify which means I need to also put the CA cert into the Root certificate file.
Full intialisation:
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->Mode = sslmClient;
net->IdSSLIOHandlerSocketOpenSSL->Host = net->hostname;
net->IdSSLIOHandlerSocketOpenSSL->Port = net->port;
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->DHParamsFile = "";
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->VerifyDirs = "";
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->CipherList = "";
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->CertFile = net->clientname;
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->KeyFile = net->keyname;
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->RootCertFile = net->certname;
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->Method = sslvTLSv1_2;
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->VerifyMode = TIdSSLVerifyModeSet(sslvrfClientOnce);
net->IdSSLIOHandlerSocketOpenSSL->SSLOptions->VerifyDepth = 10;
net->IdSSLIOHandlerSocketOpenSSL->OnVerifyPeer = MainForm->VerifyCertFile;
net->IdSSLIOHandlerSocketOpenSSL->ReadTimeout = 10000;
net->IdSSLIOHandlerSocketOpenSSL->Open();
Any suggestions why I get this strange filename exception?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
这是由于一个在最初的10.3版本中引入Indy的错误。使用此补丁修复了该错误:
RAD Studio 10.3.3 Indy Server SSL证书补丁
或,您可以将IDE升级到Indy的 github repo ,因为它从来没有从中有这个错误。
但是,您应该确保一般安装了所有10.3个补丁:
rad Studio,delphi和C ++建造者10.3.3:补丁列表
That is due to a bug that Embarcadero introduced into Indy in the initial 10.3 release. That bug was fixed with this patch:
RAD Studio 10.3.3 Indy Server SSL Certificate Patch
Or, you can upgrade your IDE to the latest code from Indy's GitHub repo, as it never had this bug in it to begin with.
However, you should make sure you have all of the 10.3 patches installed in general:
RAD Studio, Delphi and C++Builder 10.3.3: List of Patches