Turn off SSL certificate verification in Delphi

Question

I have a Web Service running on Windows Server 2012R2 with sTunnel. When using Postman I have to turn of SSL verification for it to work or I get a: no connection error.

Some of my client using our Delphi Windows application get the Error HTTP 1.1 500 and the message Reject due to policy restriction.

The following shows in the sTunnel log: SSL routines: ssl3_read_bytes: sslv3 alert certificate unknow

I have the latest open SSl dll in the System32 folder.

I don't know if I can turn something on/off in Delphi or in sTunnel.

Here is the code for sending the SMS and the send the result to my webserver.

procedure SendSMS.Execute;
var
JsonToSend: TStringStream;
url, SMSText, Rtext, AppId, Json: String;
IdHTTP1: TIdHTTP;
IdSSLIOHandlerSocketOpenSSL2: TIdSSLIOHandlerSocketOpenSSL;
jsonRecived: TJSONObject;
begin
     AppId := 'xxxxxxxxxxxxxxxxxxxxxxxxxxxx';   

 mySMSSent := False;
 if (Length(DataM1.ComTbl.FieldByName('SMSToken').AsString) > 10) and (Length(SMSMessageText) > 3) then
    begin
         SMSText := StringReplace(SMSMessageText,#$A,'\n',[rfReplaceAll, rfIgnoreCase]);
         SMSText := StringReplace(SMSText,#$D,'',[rfReplaceAll, rfIgnoreCase]);

         Try
         IdSSLIOHandlerSocketOpenSSL2 := TIdSSLIOHandlerSocketOpenSSL.Create;
         IdHTTP1 := TIdHTTP.Create;
         IdHTTP1.Request.UserAgent := 'Mozilla/3.0 (compatible; Indy Library)';
         IdHTTP1.Request.ContentType := 'application/json';
         IdHTTP1.Request.BasicAuthentication := true;
         IdHTTP1.Request.Username := SMSPass;
         IdHTTP1.Request.Password := SMSToken;   
         IdSSLIOHandlerSocketOpenSSL2.SSLOptions.Method := sslvTLSv1_2;
         IdHTTP1.IOHandler := IdSSLIOHandlerSocketOpenSSL2;
         IdHTTP1.HandleRedirects := False;

         if Length(SMSMedia) > 5 then
            Json := '{"from": "+1' + SMSPhone + '","to": "+1' + ToPhone + '","text": "' + SMSText + '","applicationId": "' + AppId + '","media": "' + SMSMedia + '","tag": "' + NameID + '"}'
         else
             Json := '{"from": "+1' + SMSPhone + '","to": "+1' + ToPhone + '","text": "' + SMSText + '","applicationId": "' + AppId + '","tag": "' + NameID + '"}';

         url:='https://xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx?';

         JsonToSend := TStringStream.Create(Json);

         try
            Rtext:=IdHTTP1.Post(url, JsonToSend);
            except
                  on E:Exception do
                     begin
                          SMSText := E.Classname + ': ' + E.Message;
                          mySMSSent := True;
                     end;
            end;

        if Pos('owner',Rtext) > 0 then // Send to web service //
           begin
                jsonRecived := TJSONObject.create(rtext);
                if jsonRecived <> nil then
                   begin
                        Json := '{"id": "';
                        Json := Json + jsonRecived.optString('id') + '","from": "+1';
                        Json := Json + SMSPhone + '","time": "';
                        Json := Json + jsonRecived.optString('time') + '","direction": "';
                        Json := Json + jsonRecived.optString('direction') + '","text": "';
                        Json := Json + SMSText + '","to": "+1' + ToPhone + '"}';

                        Try
                        if Assigned(JsonToSend) then
                           FreeAndNil(JsonToSend);
                        JsonToSend := TStringStream.Create(Json);
                        url:='https://mywebservice';
                        IdHTTP1.Post(url, JsonToSend);
                        Except

                        End;
                   end;
           end;

         Finally
            IdHTTP1.Disconnect;
            IdSSLIOHandlerSocketOpenSSL2.Free;
            IdHTTP1.Free;
            JsonToSend.Free;
         End;
    end;
end;