EldoS | Feel safer!

Software components for data protection, secure storage and transfer

TElSecureClientSocket problem

#2221
Posted: 02/10/2007 05:18:37
by E V (Basic support level)
Joined: 02/10/2007
Posts: 12

I am currently using the evaluation version of SecureBlackbox to determine if it is what my company needs to set up an SSL connection which requires a client-side certificate.

I am using Delphi 2005 and using the sockets example. The first thing I have done is run it and use a blocking connection to the server and use no client certificate.

Everything seems to go fine and the OnCertificateNeededEx event fires. No certificate is passed on it. Then an access violation occurs. I even tried loading a valid certificate but I still get the same thing. Any ideas on this?
#2222
Posted: 02/10/2007 07:13:44
by Eugene Mayevski (EldoS Corp.)

Do you get the same problem when connecting to different servers or just to specific server?

The Delphi socket class that is the base for TElSecureClientSocket is obsolete since Delphi 7. It also works differently in Delphi 5 and Delphi 2005 - in Delphi 5 it works correctly and on Delphi 2005 it goes into the infinite loop for the reason yet to be discovered.

It is recommended to use either Indy or TElSimpleSSLClient class for client-side SSL connection. These classes are supported, maintained, and generally work. TElSecureClientSocket was created long before Delphi 2005 so some problems are possible.


Sincerely yours
Eugene Mayevski
#2223
Posted: 02/10/2007 07:20:25
by Eugene Mayevski (EldoS Corp.)

Just tested, and found out that the blocking mode goes into the infinite loop for some reason, while unblocking mode works (in Delphi 2005).


Sincerely yours
Eugene Mayevski
#2224
Posted: 02/10/2007 08:52:17
by E V (Basic support level)
Joined: 02/10/2007
Posts: 12

Thanks for your answer. Will try out the TElSimpleSSLClient.
#2264
Posted: 02/13/2007 02:56:50
by E V (Basic support level)
Joined: 02/10/2007
Posts: 12

OK, I got it working with the TElSimpleSSLClient now on our test server. The real server I am trying to connect to now is not running via https yet. I am trying to connect to it using the TElSimpleSSLClient component with Enabled on false, because according to the help it will behave as non-secure then. I get an exception 'Invalid Address' then, however. If you need the URL to test what the problem is, can I send it to you by PM?
#2272
Posted: 02/13/2007 09:26:12
by Eugene Mayevski (EldoS Corp.)

Please note that TElSimpleSSLClient doesn't accept URLs in its Address property. Only the host name or IP address. If you have problems with particular IP, try connecting to it using telnet to check that the server is actually listening on the needed address/port.


Sincerely yours
Eugene Mayevski
#2274
Posted: 02/13/2007 11:43:06
by E V (Basic support level)
Joined: 02/10/2007
Posts: 12

I used the TElHTTPSClient now and it works fine. Only thing I noticed is the errors that are raised when something goes wrong aren't very clear. For example if I use an invalid URL in the Post function I get an exception with the code -1 in it. Or if a client certificate is required and I don't pass one along I get an exception 'Connection Lost'. Is there a way to get a better error? I tried using the OnError event but that doesn't seem to fire.
#2277
Posted: 02/13/2007 12:09:24
by Eugene Mayevski (EldoS Corp.)

Quote
E V wrote:
For example if I use an invalid URL in the Post function I get an exception with the code -1 in it.


Fixed. If you had the source code, I would tell you where to replace -1 with E.ErrorCode and that's all you need :)


Quote
E V wrote:
Or if a client certificate is required and I don't pass one along I get an exception 'Connection Lost'. Is there a way to get a better error? I tried using the OnError event but that doesn't seem to fire.


This probably can be fixed easily too if we could see this ourselves. I.e. if you describe step by step, how to reproduce the problem, this can be fixed in 5-10 minutes. Generally, OnError should be always fired, so this is another thing to fix.


Sincerely yours
Eugene Mayevski