Sorry, kam erst jetzt wieder dazu das weiter anzuschauen.
Folgender Code jeweils mit
HTTP1.Get('https://www.delphipraxis.net');
getestet.
Alter IO Handler:
Delphi-Quellcode:
function TForm1.IdSSLIOHandlerSocketOpenSSL1VerifyPeer(Certificate: TIdX509;
AOk: Boolean; ADepth, AError: Integer): Boolean;
begin
mmo1.Lines.Add('Depth: ' + ADepth.ToString());
mmo1.Lines.Add('ErrorCode: ' + AError.ToString());
mmo1.Lines.Add('Subject: ' + Certificate.Subject.OneLine);
mmo1.Lines.Add('Thumbprint SHA1: ' + Certificate.Fingerprints.SHA1AsString);
mmo1.Lines.Add('');
Result := True;
end;
Code:
Depth: 0
ErrorCode: 20
Subject: /CN=*.delphipraxis.net
Thumbprint SHA1: 70:B1:AC:83:99:05:36:27:75:AE:7E:ED:92:5E:0F:A8:A0:0B:D0:52
Depth: 0
ErrorCode: 21
Subject: /CN=*.delphipraxis.net
Thumbprint SHA1: 70:B1:AC:83:99:05:36:27:75:AE:7E:ED:92:5E:0F:A8:A0:0B:D0:52
Neuer IO Handler:
Delphi-Quellcode:
procedure TForm1.HandleOnVerify(Sender: TObject; const x509: TIdOpenSSLX509;
const VerifyResult, Depth: Integer; var Accepted: Boolean);
begin
mmo1.Lines.Add('Depth: ' + Depth.ToString());
mmo1.Lines.Add('ErrorCode: ' + VerifyResult.ToString());
mmo1.Lines.Add('Subject: ' + x509.Subject.AsString);
mmo1.Lines.Add('Thumbprint SHA1: ' + x509.ThumbprintAsSHA1);
mmo1.Lines.Add('');
Accepted := True;
end;
Code:
Depth: 2
ErrorCode: 19
Subject: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root G2
Thumbprint SHA1: DF3C24F9BFD666761B268073FE06D1CC8D4F82A4
Depth: 2
ErrorCode: 19
Subject: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root G2
Thumbprint SHA1: DF3C24F9BFD666761B268073FE06D1CC8D4F82A4
Depth: 1
ErrorCode: 19
Subject: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=Thawte TLS RSA CA G1
Thumbprint SHA1: C9FEFC763D9548B487696F047ACBA0ABE45C7BC1
Depth: 0
ErrorCode: 19
Subject: /CN=*.delphipraxis.net
Thumbprint SHA1: 70B1AC839905362775AE7EED925E0FA8A00BD052
Wie du siehst ist bei Depth 0 der SHA1 Thumbprint identisch.
Zitat
Baum-Darstellung
