Trenutno se igram sa komponentama iz Overbyte ICS paketa, koristim TSslHttpClient i TSslVerifyContext, ali ne znam kako da proverim da li je sertifikat sa nekog servera validan ?
Trenutno ovako:
Code:
procedure TMainWindow.Button1Click(Sender: TObject);
begin
sslClient.URL := 'https://www.facebook.com';
sslClient.GetASync;
end;
procedure TMainWindow.sslClientSslHandshakeDone(Sender: TObject; ErrCode: Word; PeerCert: TX509Base; var Disconnect: Boolean);
begin
ShowMessage(PeerCert.SubjectCName);
end;
procedure TMainWindow.sslClientSslVerifyPeer(Sender: TObject; var Ok: Integer; Cert: TX509Base);
begin
Ok := 1;
ShowMessage(IntToStr(Cert.VerifyResult));
// Cert.SaveToPemFile('C:\testcert.pem');
end;
procedure TMainWindow.Button1Click(Sender: TObject);
begin
sslClient.URL := 'https://www.facebook.com';
sslClient.GetASync;
end;
procedure TMainWindow.sslClientSslHandshakeDone(Sender: TObject; ErrCode: Word; PeerCert: TX509Base; var Disconnect: Boolean);
begin
ShowMessage(PeerCert.SubjectCName);
end;
procedure TMainWindow.sslClientSslVerifyPeer(Sender: TObject; var Ok: Integer; Cert: TX509Base);
begin
Ok := 1;
ShowMessage(IntToStr(Cert.VerifyResult));
// Cert.SaveToPemFile('C:\testcert.pem');
end;
Probao sam i da skinem OpenSSL i da snimim sertifikat kao .pem fajl i proverim ga sa openssl verify cert.pem, ali mi se openssl crashuje.
U obzir dolaze i "eksterna" resenja, ne mora da bude strogo u sklopu delphija, dakle, ako mogu da sa openssl proverim validnost sertifikata, onda bih ga pozivao iz delphija tako.