EldoS | Feel safer!

Software components for data protection, secure storage and transfer

SSL connection

Posted: 08/24/2010 14:05:05
by Eduardo Helminsky (Standard support level)
Joined: 08/20/2010
Posts: 112

I am trying to connect to this webservice

I am using the following code unsuccessfully

I drop TElSimpleSSLClient with default properties.

SSLClient.Address := 'https://nfe....';
if SSLClient.Active then begin
SSLClient.SendText('bla bla bla');

Could you drive me to do the right thing. I receive an error while connecting "Connection error (96260)".
Posted: 08/24/2010 14:09:55
by Eugene Mayevski (Team)

TElSimpleSSLClient is, as the name suggests, SSL client, not HTTP client. Use TElHTTPSClient instead.

Sincerely yours
Eugene Mayevski
Posted: 08/24/2010 16:45:31
by Eduardo Helminsky (Standard support level)
Joined: 08/20/2010
Posts: 112

First step to the wrong side, but...

I am now using TElHttpsClient and it is starting... So far the situation is the following:

1) Drop TElHttpsClient and TElWinCertStorage

2) Get Certificate Index

var Cert: TElX509Certificate;

procedure GetCertificate;
var nCert: Integer;
nCert := -1;
for nI := 0 to WinCert.Count-1 do begin
Cert := WinCert.Certificates[nI];
if BinaryToString(Cert.SerialNumber) = '5AEF9AC3A29E2628' then begin
nCert := nI;
if nCert = -1 then begin
raise Exception.Create('Certificate not found');

procedure Get;
var cUrl: String;
cUrl := 'https://nfe.fazenda.sp.gov.br/nfeWEB/services/NfeStatus.asmx';

In the OnCertificateNeedEx the Cert is assigned to Certificate
Certificate := Cert;

In the OnCertificateValidate I just assign True
Validate := True;

In the OnData event
var cBuf: String;
cBuf := String(Buffer);

And I reveive an html saying "This page requires a Certificate..."

What I am doing wrong now ?
Posted: 08/25/2010 05:41:51
by Eugene Mayevski (Team)

1) OnCertificateNeededEx is not that simple. You must return nil on certain call to tell the component that you are done providing a certificate chain
2) Does the certificate have a private key?
3) Is OnCertificateNeededEx actually called?

Sincerely yours
Eugene Mayevski
Posted: 08/25/2010 09:56:04
by Eduardo Helminsky (Standard support level)
Joined: 08/20/2010
Posts: 112

1) Is there any way to do this without events ? What do you mean about "certificate chain" ? I have my certificate and the CA and Root (this is a chain ?).

2) Yes

3) Yes, just once.

Posted: 08/25/2010 10:14:21
by Eugene Mayevski (Team)

1) Yes, you can copy all certificate (i.e. your end-entity certificate, CA and possibly root) to an instance of TElMemoryCertStorage object and assign this object to ClientCertStorage property.
3) this is not ok. Most likely the server doesn't accept the certificate at the first place. Try doing what I described above.

Sincerely yours
Eugene Mayevski
Posted: 09/24/2010 05:48:29
by Madhan Malai (Basic support level)
Joined: 09/23/2010
Posts: 4

I downloaded evoluation software for secure black box and i tried the following code but i am getting error as
"Connection closed.
Exception: Connection error (-1)"

HttpsClient.SSLEnabled := true;
HttpsClient.UseHTTPProxy := true;
btnGo.Enabled := False;

btnGo.Enabled := True;

Note: is there any problem in above lines or give me the sample code for web service connection through TELhttpsclient
Posted: 09/24/2010 06:39:52
by Eugene Mayevski (Team)

1) don't post your new questions as replies to other people posts. Create a new post instead.
2) What did you enable HTTP proxy for? Turn it off, you don't need it.
3) It can happen that the host is not accessible.
4) HTTP connection can be closed by the remote host right after sending the reply. In other words, this situation is not necessarily an error. If you have received the data and Connection Closed exception after that - this is ok. This is informational exception

Sincerely yours
Eugene Mayevski



Topic viewed 3930 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!