My Delphi 13 32-bit FMX project, using Indy and TaurusTLS, throws this exception:
Project ProjectMikeTaurus.exe raised exception class ETaurusTLSLoadingCertError with message 'Could not load certificate.'.
My certificates are made by win-acme and simple-acme.
I have tried PEM certificates and PFX certificates, with a password and without a password.
The FIOGetPassword method does get triggered before the exception.
I get a different file exception if I rename the cert file so I assume the cert file is being opened.
I have set the TaurusTLS PublicKey and the PrivateKey to the same .pfx file. Is that correct?
I've tried different DLLs, different certs (PEM and PFX), and different SSL versions, and my project throws the same exception every time.
Here is my barebones FMX unit modeled after the demo project that comes with TaurusTLS:
unit Unit1;
interface
uses
System.SysUtils, System.Types, System.UITypes, System.Classes, System.Variants,
FMX.Types, FMX.Controls, FMX.Forms, FMX.Graphics, FMX.Dialogs, IdCTypes,
TaurusTLSHeaders_types, TaurusTLS_X509, IdServerIOHandler, IdSSL, TaurusTLS,
IdBaseComponent, IdComponent, IdCustomTCPServer, IdCustomHTTPServer,
IdHTTPServer, FMX.Controls.Presentation, FMX.StdCtrls, System.IOUtils,
IdContext;
type
// Main form of the test project: one button that starts an Indy HTTP server
// whose connections go through a TaurusTLS server I/O handler.
TForm1 = class(TForm)
// Button whose click handler configures TLS and activates the server.
Button1: TButton;
// HTTP server component; no creation code is visible in this unit, so it is
// presumably streamed from the .fmx form resource - confirm in the designer.
fHTTP: TIdHTTPServer;
// TLS I/O handler assigned to fHTTP.IOHandler in Button1Click.
FIO: TTaurusTLSServerIOHandler;
procedure Button1Click(Sender: TObject);
// Password callback: supplies the passphrase for the certificate/key file.
procedure FIOGetPassword(ASender: TObject; var VPassword: string;
const AIsWrite: Boolean; var VOk: Boolean);
// Certificate verification callback; VOk carries the accept/reject verdict.
procedure FIOVerifyError(ASender: TObject; ACertificate: TTaurusTLSX509;
const AError: TIdC_LONG; const AMsg, ADescr: string; var VOk: Boolean);
// Security-level callback; VAccepted carries the accept/reject verdict.
procedure FIOSecurityLevel(ASender: TObject; const AsslSocket: PSSL;
ACtx: PSSL_CTX; op, bits: TIdC_INT; const ACipherNid: TIdC_INT;
const ACipher: string; var VAccepted: Boolean);
// Server-side handlers; the event wiring is not visible in this unit.
procedure fHTTPException(AContext: TIdContext; AException: Exception);
procedure fHTTPConnect(AContext: TIdContext);
private
{ Private declarations }
public
{ Public declarations }
end;
var
// Global form instance, as generated by the IDE for an FMX form unit.
Form1: TForm1;
implementation
{$R *.fmx}
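procedure TForm1.Button1Click(Sender: TObject);
// Starts the HTTPS listener: loads the OpenSSL libraries, points the TLS
// handler at the certificate bundle, and activates the server on port 443.
// Each failure is reported with ShowMessage and the server is not started.
var
  Loaded: Boolean;
  CertFile: string;
begin
  // The original stored this result but never looked at it. Stopping here
  // separates "OpenSSL is not loaded" from a genuine certificate problem.
  Loaded := TaurusTLS.LoadOpenSSLLibrary;
  if not Loaded then
  begin
    ShowMessage('OpenSSL libraries could not be loaded.');
    Exit;
  end;

  FIO.SSLOptions.Mode := sslmServer;
  // FIO.SSLOptions.UseSystemRootCACertificateStore := False; Does not fix the issue.

  // Both properties point at the same PKCS#12 (.pfx) bundle.
  // NOTE(review): whether TaurusTLS accepts a .pfx in PublicKey/PrivateKey,
  // rather than separate PEM certificate and key files, is not shown on this
  // page - confirm against the TaurusTLS documentation.
  // NOTE(review): the bundle holds the private key and sits under the
  // executable's folder; restrict its file permissions to the account that
  // runs the server.
  CertFile := TPath.Combine(ExtractFilePath(ParamStr(0)),
    'Certificate\pocketgmserverwithpassword.com.pfx');
  FIO.DefaultCert.PublicKey := CertFile;
  FIO.DefaultCert.PrivateKey := CertFile;

  // The original tested PublicKey twice, so a missing PrivateKey file was
  // never detected. It also carried on after the warning; now it stops.
  if (not FileExists(FIO.DefaultCert.PublicKey)) or
     (not FileExists(FIO.DefaultCert.PrivateKey)) then
  begin
    ShowMessage('Certificate file name is wrong.');
    Exit;
  end;

  FHTTP.IOHandler := FIO;
  FHTTP.DefaultPort := 443;
  try
    FHTTP.Active := True;
  except
    // The certificate-specific handler comes first so the general handler
    // does not hide which stage failed.
    on E: ETaurusTLSLoadingCertError do
      ShowMessage('ETaurusTLSLoadingCertError: ' + E.Message);
    on E: Exception do
      ShowMessage('General exception: ' + E.Message);
  end;
end;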
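procedure TForm1.fHTTPConnect(AContext: TIdContext);
// Reports that a client connected.
// Indy fires server events on the connection's own thread, and FMX dialogs
// must be shown from the main thread. The message is therefore queued to the
// main thread, which also keeps a modal dialog from stalling the connection.
begin
  TThread.Queue(nil,
    procedure
    begin
      ShowMessage('OnConnect called.');
    end);
end;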
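procedure TForm1.fHTTPException(AContext: TIdContext; AException: Exception);
// Reports an exception raised while serving a connection.
// Indy fires this event on the connection's thread, so the dialog is queued
// to the main thread instead of being shown directly.
var
  Msg: string;
begin
  // Copy the text now: the exception object may be gone by the time the
  // queued procedure runs.
  Msg := 'HTTP server exception: ' + AException.Message;
  TThread.Queue(nil,
    procedure
    begin
      ShowMessage(Msg);
    end);
end;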
procedure TForm1.FIOGetPassword(ASender: TObject; var VPassword: string;
  const AIsWrite: Boolean; var VOk: Boolean);
// Password callback for the TLS handler: returns the passphrase in VPassword
// and sets VOk to True. AIsWrite is not consulted.
// NOTE(review): the passphrase is a string literal, so it ends up in the
// compiled executable and in source control. Reading it from protected
// storage at run time would avoid that.
begin
  VOk := True;
  VPassword := 'S******';
end;
procedure TForm1.FIOSecurityLevel(ASender: TObject; const AsslSocket: PSSL;
  ACtx: PSSL_CTX; op, bits: TIdC_INT; const ACipherNid: TIdC_INT;
  const ACipher: string; var VAccepted: Boolean);
// Diagnostic stub: only announces that the security-level callback ran.
// VAccepted is never written, so the value passed in by the library stands.
// NOTE(review): this may run on a connection thread, where an FMX dialog is
// unsafe - confirm which thread invokes it.
const
  Notice = 'SecurtyLevel called';
begin
  ShowMessage(Notice);
end;
procedure TForm1.FIOVerifyError(ASender: TObject; ACertificate: TTaurusTLSX509;
  const AError: TIdC_LONG; const AMsg, ADescr: string; var VOk: Boolean);
// Diagnostic stub: only announces that certificate verification reported an
// error. VOk is never written, so the handler does not override the verdict
// passed in; AError, AMsg and ADescr are not inspected.
// NOTE(review): this may run on a connection thread, where an FMX dialog is
// unsafe - confirm which thread invokes it.
const
  Notice = 'VerifyError called';
begin
  ShowMessage(Notice);
end;
end.