3

does anyone know how to use ssl with Indy and get it to run under windowns and osX? I've seen the link below so TIdHttp appears to work but I need the ssl options.

Firemonkey and TDownloadUrl

Thanks

Community
  • 1
  • 1
Alan Grace
  • 171
  • 1
  • 6

1 Answers1

0

If you are using the Indy components that came with XE2, then you can drop in the Windows SSL binaries from OpenSSL. For Windows, put these in the same folder as your EXE:

  • libeay32.dll
  • ssleay32.dll

You'll find a link to the latest Windows binaries here:

http://www.openssl.org/related/binaries.html

You don't need Visual C++ 2088 redistributables if you are just using the DLLs, so ignore the installation warning if you get one.

Then, you add a TIdSSLIOHandleSocketOpenSSL component to your form. Set the IOHnandler property of your TIdHTTP component to the new TIdSSLIOHandlerSocketOpenSSL component.

Set the following SSLOptions of the TIdSSLIOHandlerSocketOpenSSL component:

Mode := sslmClient;

That's all you need. Now when you call a 'https://' instead of a 'http://' URL, it will automatically load the libraries and use the SSL component.

For OS X, it comes with OpenSSL, though not the latest versions, so you don't need to add any DLLs/dylibs.

Marcus Adams
  • 53,009
  • 9
  • 91
  • 143
  • Ideally, you would also verify the certificate, but I don't know how to do that with Indy. – Marcus Adams Oct 03 '11 at 23:06
  • TIdSSLIOHandlerSocketOpenSSL has an OnVerifyPeer event. Also, Indy dynamically loads OpenSSL, even on OSX, so it uses the dynlb version. – Remy Lebeau Oct 04 '11 at 04:01
  • @Remy, Is there example code somewhere on how to verify the certificate? Does Indy do this automatically? – Marcus Adams Nov 05 '11 at 20:41
  • Indy does not verify the certificates. OpenSSL itself does that. The OnVerifyPeer event is provided so you can examine the certificates yourself and make accept/reject decisions to override what OpenSSL decides. – Remy Lebeau Nov 05 '11 at 23:50