Neal Barnett wrote:
>>> Instead of TSmtpCli you have to use TSslSmtpCli plus a linked
>>> TSslContext. Take a look at the OverbyteIcsSslMailSnd sample in
>>> ICS sub directory SslInternet, get a free GMail account and play
>>> with the demo. And don't forget to download the OpenSSL libraries
>>> from http://wiki.overbyte.be/wiki/index.php/ICS_Download.
>
> So, then a few more questions:
>
> 1. If my app is compiled in Delphi 7 32-bit, but have end-users that
> have both 32-bit and 64-bit Windows, would I use the OpenSSL Win32
> binaries? Would they work on both platforms?
Then you need the 32-bit version since a 32-bit application can
only link 32-bit DLLs.
And yes the will work on 64-bit Windows as well.
> 2. For the end user, if they chose Implicit (TLS Connection) or
> Explicit (STARTTLS) to send, I would not want them to have to fill in
> (or know about) the various SSLContext parameters (Verify Peer, CA
> File, CA Path, Cert File, Key File, Pass Phrase). What should I use
> for the default values for these?
Cert File, Key File and Pass Phrase are usually not required unless
the server requires client certificates, havn't seen one the wild yet.
Verify Peer or
"Verify server certificate" should be an option.
Also if that is set I provide:
a) Check for server certificate revocation
b) Check for cerficate address match
c) Show dialog on certificate errors
Verify Peer, CA File, CA Path are required to verify the server
certificate using OpenSSL. Beside the fact that OpenSSL won't
detect revoked certificates etc. I recommend to use the Microsoft
API for server certificate verification in a mail client that has
to deal with only one or just a few mail servers.
Using the Microsoft API you get rid of CA File, CA Path and are
able to provide the options above easily to your users.
I made a small sample app that shows how to do that, take a
look at OverbyteIcsMsVerify demo in subdirectory SslInternet.
Note that Google doesn't support SSL session caching :(
> 3. For my app distribution, would I simply include libeay32.dll and
> ssleay32.dll in the application directory?
Yes, that's the right place.
--
Arno Garrels
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
