我试图通过Indy TIdHTTP获取带有客户端SSL证书的https页面。
代码是
install: $(patsubst ./src/%,./bin/%,$(wildcard $(BINARY_TARGETS)))
bin/%: src/%
mv -f $< $@
var IdHTTP1 : TIdHTTP;
IdSSLIOHandlerSocket : TIdSSLIOHandlerSocketOpenSSL;
begin
try
IdHTTP1 := TIdHTTP.Create( self );
IdHTTP1.Request.BasicAuthentication := False;
IdHTTP1.Request.UserAgent := 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0';
IdSSLIOHandlerSocket := TIdSSLIOHandlerSocketOpenSSL.Create( IdHTTP1 );
IdSSLIOHandlerSocket.SSLOptions.CertFile := 'cert.pem';
IdSSLIOHandlerSocket.SSLOptions.Method := sslvTLSv1_2;
IdSSLIOHandlerSocket.SSLOptions.Mode:= sslmUnassigned;
IdHTTP1.IOHandler := IdSSLIOHandlerSocket;
writeln( IdHTTP1.Get( 'https://www.scriptjunkie.us/auth/verifycert' ) );
finally
IdSSLIOHandlerSocket.Free;
IdHTTP1.Free;
end;
未进行身份验证。不接受客户PEM证书。
如何获取客户端证书的网址?
我已使用Get网站获得免费客户端SSL认证。 FPC为3.0.2,Indy为10.6.2.0
答案 0 :(得分:1)
这是一个工作代码(Indy 10.6.2.0,FPC 3.0.2)
uses IdHTTP, IdSSLOpenSSL;
var IdHTTP1 : TIdHTTP;
Id_HandlerSocket : TIdSSLIOHandlerSocketOpenSSL;
s : string;
begin
try
IdHTTP1 := TIdHTTP.Create( self );
IdHTTP1.Request.BasicAuthentication := False;
IdHTTP1.Request.UserAgent := 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0';
Id_HandlerSocket := TIdSSLIOHandlerSocketOpenSSL.Create( IdHTTP1 );
cert := 'my_scriptjunkie_pem.pem';
Id_HandlerSocket.SSLOptions.CertFile := cert; (* PEM contain both CERT and Key *)
Id_HandlerSocket.SSLOptions.KeyFile := cert;
Id_HandlerSocket.SSLOptions.Mode := sslmClient;
Id_HandlerSocket.SSLOptions.Method := sslvSSLv23;
IdHTTP1.IOHandler := Id_HandlerSocket;
WriteLn( Id_HandlerSocket.SSLOptions.CertFile );
s := IdHTTP1.Get( 'https://www.scriptjunkie.us/auth/verifycert' );
writeln( s );
finally
Id_HandlerSocket.Free;
IdHTTP1.Free;
end;
end;