> I connect (via THTTPSend and OpenSSL Library, > HTTPSend.Sock.SSL.VerifyCert is False) to https://www.paypal.com/ and > all is right, site data was getted. But if I switch > HTTPSend.Sock.SSL.VerifyCert to True then connecting is closed without > data getted. I traced source and reached to this code:
Because you wish to check server certificate and certificate is invalid, or you cannot verify it. (probably you forgot to use root CA chain certificates for verification.) > btw. In Indy components I found VerifyCallback function that is > OpenSSL library Callback. I know, but I never need this callback. If I not need verify certificate, then I can work without this callback. And when I need to verify certificate, then I just assign root certificates to CertCA property and full right verification has been made by OpenSSL. I not need any callback here too. This hook is good if you wish to override some bad verification status to good verificationstatus by your own rules. However you can do this without hook, just ignore bad certificates and after sucessfull connect you can examine certificates propertis and you can drop connection here if you wish. -- Lukas Gebauer. E-mail: [EMAIL PROTECTED] http://synapse.ararat.cz/ - Ararat Synapse - TCP/IP Lib. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ synalist-public mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/synalist-public
