Indy 10(Delphi 10.2),HTTPS:无共享密码(新手问题)

时间:2018-09-26 01:41:23

标签: delphi https openssl indy10

这是我首次尝试将SSL与Indy 10 TIdHTTPServer(与TIdServerIOHandlerSSLOpenSSL IOHandler结合使用)一起使用,并且遇到了麻烦。

我已经制作了一个小型测试应用程序,可以通过HTTP成功地将一个小型测试页面提供给Google Chrome浏览器,但是当我尝试通过HTTPS获取同一页面时,我得到了客户端和服务器不支持Chrome的通用SSL协议版本或密码套件

我阅读了很多文章,并尝试了各种设置组合,以尝试通过HTTPS提供我的测试页,但无济于事。在人们最终成功的一些职位中,增加证书是技巧。但是,在其他帖子中,我指出证书不是绝对必要的,因此我对此感到困惑。

这是我当前的设置:

object IdHTTPServer: TIdHTTPServer
  OnStatus = IdHTTPServerStatus
  Bindings = <
    item
      IP = '127.0.0.1'
      Port = 80
    end
    item
      IP = '127.0.0.1'
      Port = 443
    end>
  IOHandler = IdServerIOHandlerSSLOpenSSL
  OnBeforeBind = IdHTTPServerBeforeBind
  OnAfterBind = IdHTTPServerAfterBind
  OnBeforeListenerRun = IdHTTPServerBeforeListenerRun
  OnContextCreated = IdHTTPServerContextCreated
  OnConnect = IdHTTPServerConnect
  OnDisconnect = IdHTTPServerDisconnect
  OnException = IdHTTPServerException
  OnListenException = IdHTTPServerListenException
  KeepAlive = True
  OnCommandError = IdHTTPServerCommandError
  OnCommandOther = IdHTTPServerCommandOther
  OnCreateSession = IdHTTPServerCreateSession
  OnInvalidSession = IdHTTPServerInvalidSession
  OnHeadersAvailable = IdHTTPServerHeadersAvailable
  OnHeadersBlocked = IdHTTPServerHeadersBlocked
  OnHeaderExpectations = IdHTTPServerHeaderExpectations
  OnParseAuthentication = IdHTTPServerParseAuthentication
  OnQuerySSLPort = IdHTTPServerQuerySSLPort
  OnSessionStart = IdHTTPServerSessionStart
  OnSessionEnd = IdHTTPServerSessionEnd
  OnCreatePostStream = IdHTTPServerCreatePostStream
  OnDoneWithPostStream = IdHTTPServerDoneWithPostStream
  OnCommandGet = IdHTTPServerCommandGet
  Left = 304
  Top = 97
end
object IdServerIOHandlerSSLOpenSSL: TIdServerIOHandlerSSLOpenSSL
  OnStatus = IdServerIOHandlerSSLOpenSSLStatus
  SSLOptions.Method = sslvSSLv23
  SSLOptions.SSLVersions = [sslvSSLv2, sslvSSLv3, sslvTLSv1, sslvTLSv1_1, sslvTLSv1_2]
  SSLOptions.Mode = sslmUnassigned
  SSLOptions.VerifyMode = []
  SSLOptions.VerifyDepth = 0
  SSLOptions.CipherList =
    'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RS' +
    'A-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECD' +
    'HE-RSA-AES256-SHA:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-' +
    'SHA:DES-CBC3-SHA'
  OnStatusInfo = IdServerIOHandlerSSLOpenSSLStatusInfo
  OnStatusInfoEx = IdServerIOHandlerSSLOpenSSLStatusInfoEx
  OnGetPassword = IdServerIOHandlerSSLOpenSSLGetPassword
  OnGetPasswordEx = IdServerIOHandlerSSLOpenSSLGetPasswordEx
  OnVerifyPeer = IdServerIOHandlerSSLOpenSSLVerifyPeer
  Left = 416
  Top = 105
end

每个事件都被钩住并记录下来;日志显示如下:

17:47:23.814 [ 0.371] IdHTTPServerBeforeBind: AHandle=0337C960
17:47:23.817 [ 0.003] IdHTTPServerBeforeBind: AHandle=0337C9A0
17:47:23.819 [ 0.002] IdHTTPServerAfterBind: Sender=03A9CBA0
17:47:23.866 [ 0.047] IdHTTPServerBeforeListenerRun: AThread=033150F0
17:47:23.879 [ 0.013] IdHTTPServerBeforeListenerRun: AThread=03315160
17:47:30.889 [ 7.010] IdHTTPServerContextCreated: AContext=00678CCC
17:47:30.889 [ 0.000] IdHTTPServerContextCreated: AContext=00678CCC
17:47:30.927 [ 0.038] IdHTTPServerQuerySSLPort: APort=443; VUseSSL=1
17:47:30.927 [ 0.000] IdServerIOHandlerSSLOpenSSLStatusInfo: AMsg=SSL status: "before/accept initialization"
17:47:30.927 [ 0.000] IdServerIOHandlerSSLOpenSSLStatusInfoEx: ASender=032D3C40; AsslSocket=03B0D3D0; AWhere=16; Aret=1
17:47:30.927 [ 0.000]   AType=Handshake Start; AMsg=before/accept initialization
17:47:30.927 [ 0.000] IdServerIOHandlerSSLOpenSSLStatusInfo: AMsg=SSL status: "before/accept initialization"
17:47:30.927 [ 0.000] IdServerIOHandlerSSLOpenSSLStatusInfoEx: ASender=032D3C40; AsslSocket=03B0D3D0; AWhere=8193; Aret=1
17:47:30.927 [ 0.000]   AType=Accept Loop; AMsg=before/accept initialization
17:47:30.928 [ 0.001] IdServerIOHandlerSSLOpenSSLStatusInfo: AMsg=SSL status: "SSLv3 read client hello C"
17:47:30.928 [ 0.000] IdServerIOHandlerSSLOpenSSLStatusInfoEx: ASender=032D3C40; AsslSocket=03B0D3D0; AWhere=16392; Aret=552
17:47:30.928 [ 0.000]   AType=fatal Write Alert; AMsg=handshake failure
17:47:30.928 [ 0.000] IdServerIOHandlerSSLOpenSSLStatusInfo: AMsg=SSL status: "error"
17:47:30.928 [ 0.000] IdServerIOHandlerSSLOpenSSLStatusInfoEx: ASender=032D3C40; AsslSocket=03B0D3D0; AWhere=8194; Aret=-1
17:47:30.928 [ 0.000]   AType=Accept Error; AMsg=error
17:47:30.928 [ 0.000] IdServerIOHandlerSSLOpenSSLStatusInfo: AMsg=SSL status: "error"
17:47:30.928 [ 0.000] IdServerIOHandlerSSLOpenSSLStatusInfoEx: ASender=032D3C40; AsslSocket=03B0D3D0; AWhere=8194; Aret=-1
17:47:30.928 [ 0.000]   AType=Accept Error; AMsg=error
17:47:30.999 [ 0.071] IdHTTPServerDisconnect: AContext=00678CCC
17:47:30.999 [ 0.000] IdHTTPServerException: AContext=0338E410; Exception: Error accepting connection with SSL.<CR><LF>error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher
17:47:31.051 [ 0.052] IdHTTPServerQuerySSLPort: APort=443; VUseSSL=1
17:47:31.068 [ 0.017] IdHTTPServerDisconnect: AContext=00678CCC
17:47:31.068 [ 0.000] IdHTTPServerException: AContext=0338E280; Exception: Error accepting connection with SSL.<CR><LF>error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher
17:47:31.140 [ 0.072] IdHTTPServerContextCreated: AContext=00678CCC
17:47:31.176 [ 0.036] IdHTTPServerQuerySSLPort: APort=443; VUseSSL=1
17:47:31.229 [ 0.053] IdHTTPServerContextCreated: AContext=00678CCC
17:47:31.262 [ 0.033] IdHTTPServerQuerySSLPort: APort=443; VUseSSL=1
17:47:31.287 [ 0.025] IdHTTPServerDisconnect: AContext=00678CCC
17:47:31.287 [ 0.000] IdHTTPServerException: AContext=0338E460; Exception: Error accepting connection with SSL.<CR><LF>error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher
17:47:31.480 [ 0.193] IdHTTPServerContextCreated: AContext=00678CCC
17:47:31.512 [ 0.032] IdHTTPServerQuerySSLPort: APort=443; VUseSSL=1
17:48:01.230 [29.718] IdHTTPServerDisconnect: AContext=00678CCC
17:48:01.230 [ 0.000] IdHTTPServerException: AContext=0338E2D0; Exception: Socket Error # 10060<CR><LF>Connection timed out.
17:48:01.525 [ 0.295] IdHTTPServerDisconnect: AContext=00678CCC
17:48:01.525 [ 0.000] IdHTTPServerException: AContext=0338E4B0; Exception: Socket Error # 10060<CR><LF>Connection timed out.

我明显缺少什么吗?

谢谢

0 个答案:

没有答案