Indy server supports SSL 2, but it shouldn't

Indy Delphi 10.1 Berlin. My client has verified the HTTPS connection (using Qualys SSL Labs). The report says "This server supports SSL 2" and other warnings, but I think they are related to this. The code used looks like this:

SSLIOhandler:=TIdServerIOHandlerSSLOpenSSL.Create(NIL);
SSLIOhandler.SSLOptions.Method:=sslvTLSv1_2;
SSLIOhandler.SSLOptions.Mode:=sslmServer;
SSLIOhandler.OnVerifyPeer:=OnVerifyPeer;
SSLIOhandler.SSLOptions.SSLVersions:=[sslvTLSv1,sslvTLSv1_1,sslvTLSv1_2];

HTTPServer:=TIdHTTPServer.Create(NIL);
HTTPServer.IOhandler:=SSLIOhandler;

I've read various posts, but this area remains pretty much abracadabra for me. I've limited SSLVersions to only [sslvTLSv1_2], but the warning remains. What else can I do?


Update: Sorry to waste time. Qualys test site did not appear to reboot. I have restarted and re-tested and it doesn't actually complain about SSL2 anymore.

The next step is to submit your cipher complaints starting at TLS_RSA_WITH_DES_CBC_SHA. I have a list of ciphers, but I cannot find how to assign them. When I use for example

SSLOptions.CipherList:='TLS_RSA_WITH_3DES_EDE_CBC_SHA';

I get the error: "SetCipher failed".
