EldoS | Feel safer!

Software components for data protection, secure storage and transfer

SSL connection

Also by EldoS: Rethync
The cross-platform framework that simplifies synchronizing data between mobile and desktop applications and servers and cloud storages
#14285
Posted: 08/24/2010 14:05:05
by Eduardo Helminsky (Standard support level)
Joined: 08/20/2010
Posts: 102

I am trying to connect to this webservice
https://nfe.fazenda.sp.gov.br/nfeWEB/services/NfeStatus.asmx

I am using the following code unsuccessfully

I drop TElSimpleSSLClient with default properties.

SSLClient.Address := 'https://nfe....';
SSLClient.Open;
if SSLClient.Active then begin
SSLClient.SendText('bla bla bla');
end;

Could you drive me to do the right thing. I receive an error while connecting "Connection error (96260)".
#14286
Posted: 08/24/2010 14:09:55
by Eugene Mayevski (EldoS Corp.)

TElSimpleSSLClient is, as the name suggests, SSL client, not HTTP client. Use TElHTTPSClient instead.


Sincerely yours
Eugene Mayevski
#14287
Posted: 08/24/2010 16:45:31
by Eduardo Helminsky (Standard support level)
Joined: 08/20/2010
Posts: 102

First step to the wrong side, but...

I am now using TElHttpsClient and it is starting... So far the situation is the following:

1) Drop TElHttpsClient and TElWinCertStorage

2) Get Certificate Index


var Cert: TElX509Certificate;

procedure GetCertificate;
var nCert: Integer;
begin
nCert := -1;
for nI := 0 to WinCert.Count-1 do begin
Cert := WinCert.Certificates[nI];
if BinaryToString(Cert.SerialNumber) = '5AEF9AC3A29E2628' then begin
nCert := nI;
break;
end;
end;
if nCert = -1 then begin
raise Exception.Create('Certificate not found');
end;
end;

procedure Get;
var cUrl: String;
begin
cUrl := 'https://nfe.fazenda.sp.gov.br/nfeWEB/services/NfeStatus.asmx';
HttpsClient.Get(cUrl);
end;

In the OnCertificateNeedEx the Cert is assigned to Certificate
Certificate := Cert;

In the OnCertificateValidate I just assign True
Validate := True;

In the OnData event
var cBuf: String;
begin
SetLength(cBuf,Size);
cBuf := String(Buffer);
Memo.Lines.Add(cBuf);
end;

And I reveive an html saying "This page requires a Certificate..."

What I am doing wrong now ?
#14291
Posted: 08/25/2010 05:41:51
by Eugene Mayevski (EldoS Corp.)

1) OnCertificateNeededEx is not that simple. You must return nil on certain call to tell the component that you are done providing a certificate chain
2) Does the certificate have a private key?
3) Is OnCertificateNeededEx actually called?


Sincerely yours
Eugene Mayevski
#14292
Posted: 08/25/2010 09:56:04
by Eduardo Helminsky (Standard support level)
Joined: 08/20/2010
Posts: 102

1) Is there any way to do this without events ? What do you mean about "certificate chain" ? I have my certificate and the CA and Root (this is a chain ?).

2) Yes

3) Yes, just once.

Eduardo
#14293
Posted: 08/25/2010 10:14:21
by Eugene Mayevski (EldoS Corp.)

1) Yes, you can copy all certificate (i.e. your end-entity certificate, CA and possibly root) to an instance of TElMemoryCertStorage object and assign this object to ClientCertStorage property.
3) this is not ok. Most likely the server doesn't accept the certificate at the first place. Try doing what I described above.


Sincerely yours
Eugene Mayevski
#14570
Posted: 09/24/2010 05:48:29
by Madhan Malai (Basic support level)
Joined: 09/23/2010
Posts: 4

Hi
I downloaded evoluation software for secure black box and i tried the following code but i am getting error as
"Connection closed.
Exception: Connection error (-1)"



HttpsClient.SSLEnabled := true;
HttpsClient.UseHTTPProxy := true;
btnGo.Enabled := False;
try

HttpsClient.Get('https://blrxxx:8449/services/kasof');
finally
HttpsClient.Close(true);
btnGo.Enabled := True;
end;

Note: is there any problem in above lines or give me the sample code for web service connection through TELhttpsclient
#14571
Posted: 09/24/2010 06:39:52
by Eugene Mayevski (EldoS Corp.)

1) don't post your new questions as replies to other people posts. Create a new post instead.
2) What did you enable HTTP proxy for? Turn it off, you don't need it.
3) It can happen that the host is not accessible.
4) HTTP connection can be closed by the remote host right after sending the reply. In other words, this situation is not necessarily an error. If you have received the data and Connection Closed exception after that - this is ok. This is informational exception


Sincerely yours
Eugene Mayevski
Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.

Reply

Statistics

Topic viewed 3715 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!