Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Indy SSL
#1
Ti there,

I am just wondering if Indy Supports SSL? If so could someone possible post an example in C++?

Thanks,

MusicBuddha
Reply
#2
A simple google would turn up tons of results that indy does support SSL. There are examples in the demos, but may be Delphi only.
Reply
#3
(06-27-2019, 03:46 AM)MusicBuddha Wrote: I am just wondering if Indy Supports SSL?

Of course. Though, not NATIVELY, ie it does not implement the actual SSL/TLS protocol itself, it relies on an external library to handle the details on Indy's behalf. Indy has built-in support for only OpenSSL (up to v1.0.2, but not v1.1.x yet), but you can plugin any SSL/TLS library you want as long as you can obtain, or write, a custom class derived from Indy's TIdSSLIOHandlerSocketBase to interface with that library's API as needed (for example, /n Software's (formerly EldoS's) SecureBlackbox provides classes for using its own SSL/TLS library with Indy).

(06-27-2019, 03:46 AM)MusicBuddha Wrote: If so could someone possible post an example in C++?

There are tons of examples and tutorials floating around online, they should not be hard to find, and if needed translated to C++ since Delphi and C++Builder share the same RTL and VCL/FMX frameworks. But in a nutshell, all you really need to do is assign an appropriate SSLIOHandler component to the IOHandler property of Indy's client/server components, configure the SSLIOHanlder as needed, and then set its PassThrough property to False when you are ready to perform an SSL/TLS handshake on an active connection (explicit TLS), or before a connection is made (implicit TLS).

Reply
#4
I should have mentioned that I want to use Indy's POP3, and I see that it does TLS but I am really after some way of Doing SSL with Indy.
Reply
#5
(07-17-2019, 02:12 AM)MusicBuddha Wrote: I should have mentioned that I want to use Indy's POP3, and I see that it does TLS but I am really after some way of Doing SSL with Indy.

Nobody uses SSL anymore, as it is no longer secure. Everyone uses TLS nowadays. But, if you happen to be using a legacy server that requires SSL, that is still possible to use with Indy.

As far as Indy is concerned, there is really not much difference between SSL and TLS, it is just a matter of configuration. SSL/TLS protocols are versioned. The difference between SSL vs TLS is in the details of which version is used during the handshaking process when establishing a secure session. TLS is basically just a newer version of SSL with more secure features.

When establishing a secure connection, there are two approaches to using SSL/TLS: implicitly and explicitly.

When used implicitly, the client must perform an SSL/TLS handshake immediately upon establishing the TCP connection, before any protocol-related communications and then be exchanged.

When used explicitly, after the TCP connection is established, protocol-related communications are exchanged without SSL/TLS as needed, and then a protocol-specific STARTTLS command (which is "STLS" in POP3) is issued only when the client wishes to ask the server for permission to initiate an SSL/TLS handshake to secure subsequent communications (for instance, after receiving the server's initial greeting and capabilities, and before performing authentication).

To use SSL/TLS in TIdPOP3, assign an appropriate SSLIOHandler component (such as TIdSSLIOHandlerSocketOpenSSL) to the TIdPOP3.IOHandler, and configure it as needed for the desired SSL/TLS version(s) (SSL 2.0, SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2), and then:

- for implicit SSL/TLS, set the TIdPOP3.UseTLS property to utUseImplicitTLS, and the TIdPOP3.Port property to 995.

- for explicit SSL/TLS, set the TIdPOP3.UseTLS property to utUseExplicitTLS, and the TIdPOP3.Port property to 110.

All of that can be done at design-time without writing any code. Or it can be done in code at run-time. Your choice.

Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)