EldoS | Feel safer!

Software components for data protection, secure storage and transfer

SSL Connection

Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.
#27047
Posted: 10/31/2013 09:36:58
by NGOKO TRESOR (Standard support level)
Joined: 10/31/2013
Posts: 6

Hello Sirs.

We have purchase 02 days ago SSL SBB VCL 11 world wide licence. we deployed it with your sample certificated into our delphi firemonkey app. every worked fine (32 connections limit remove) and 24 hours later the app server refuses all ssl connection to our clients??? We do no certificate validation, we just do as in your sample. we are just troubled with this issues. please a prompt help will be very very welcome.

BR.
#27049
Posted: 10/31/2013 09:45:24
by Eugene Mayevski (EldoS Corp.)

Thank you for contacting us.

First, the sample certificate must not be used in production. It's just a sample. It's not suitable for use with TLS. You need to purchase a certificate that corresponds to your domain name. Alternatively you can generate the self-signed certificate using CertDemo sample (in PKIBlackbox folder), but in any case that should be your certificate.

Next, "the server has stopped accepting connections" is not necessarily related to TLS layer. There can be a leak in socket handles or in other system resources, then there can be a memory leak or some other error.

What exactly components are you using to serve incoming TCP connections?


Sincerely yours
Eugene Mayevski
#27050
Posted: 10/31/2013 09:46:55
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

Could you please clarify:
1) Do you use our component on client or server side?
2) What do you mean by "app server refuses all ssl connection"? Does our classes throw any exceptions or return error codes?
3)
Quote
we just do as in your sample
What exact sample do you mean?
#27052
Posted: 10/31/2013 09:55:45
by NGOKO TRESOR (Standard support level)
Joined: 10/31/2013
Posts: 6

Yes, we are using your component for Indy10 TCP Client server. but if leakage, why does the system not accept connection after restart of server and client?

We are developping with Delphi XE5.
#27054
Posted: 10/31/2013 10:01:52
by Vsevolod Ievgiienko (EldoS Corp.)

Quote
the system not accept connection after restart of server and client?

If the problem remains after client and server restart then most likelly a firewall is blocking the connections.
#27055
Posted: 10/31/2013 10:05:50
by Eugene Mayevski (EldoS Corp.)

Also please note that we provide only SSL/TLS layer for Indy, and Indy's socket operations are beyond the scope of our responsibility and support. If something doesn't connect in Indy stuff, please contact Indy developers.


Sincerely yours
Eugene Mayevski
#27056
Posted: 10/31/2013 10:26:07
by NGOKO TRESOR (Standard support level)
Joined: 10/31/2013
Posts: 6

Ok, please can you really explain us the process to generate a self signed key and
certificate? just as those we see in the delphy indy10 ssl sample folder.

01 certificate on client site
01 certificate on server site
01 key on servver site.

BR
#27057
Posted: 10/31/2013 10:30:47
by Vsevolod Ievgiienko (EldoS Corp.)

You can generate a self-signed certificate using CertificatesWithGenerator sample (from PKIBlackbox folder). You should go to Certificate -> New Certificate menu and follow the instructions. Client side certificates can be created the same way.
#27058
Posted: 10/31/2013 10:31:35
by Eugene Mayevski (EldoS Corp.)



Sincerely yours
Eugene Mayevski
Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.

Reply

Statistics

Topic viewed 2295 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!