HTTPS on THttpAsyncServer

allanbrrj · 2024-09-29 01:05:15

Hi, I'm starting with mormort.

When try use https, InitNetTlsContextSelfSignedServer or InitNetTlsContext, returning this error on every request.

Exception class ESChannel with message '<>: HandshakeStep returned 80090331 [SEC_E_ALGORITHM_MISMATCH], System Error 1 [ERROR_INVALID_FUNCTION]'.
Exception class ESChannel with message '<>: HandshakeStep returned 80090327 [SEC_E_CERT_UNKNOWN], System Error 87 [ERROR_INVALID_PARAMETER]'.

I dont undestand where put this code "InitNetTlsContextSelfSignedServer" or "InitNetTlsContext".

I using Server.WaitStarted(10,@FCertificado) but always return erro on request.

I tried use certificate .crt, .pem, .pfx evething return same error, this certicates dont installed on windows.

this is my code.

ab edit: moved to gist

allanbrrj · 2024-09-29 01:41:33

I correct my code and now everything is ok.

ab edit: moved to gist

ab · 2024-09-29 10:48:05

Hello

Please follow the forum rules and don't put code directly in the forum, but in a gist.

So, to sumup, now your HTTPS server is working as expected, with the code of your last post?

Edit:
I have created a gist to show you how it works, and taken the liberty to remove the source code from your posts.
https://gist.github.com/synopse/fe1ba20 … e910a4e75c
And you can easily show diffs between versions, so it is easy to see what you did to make it work in your 2nd revision:
https://gist.github.com/synopse/fe1ba20 … /revisions

allanbrrj · 2024-10-08 19:29:39

With external file certificate using InitNetTlsContext everything ok.
But self signed using InitNetTlsContextSelfSignedServer sometimes retuns error Exception class ESChannel with message '<>: HandshakeStep returned 80090327 [SEC_E_CERT_UNKNOWN], System Error 87 [ERROR_INVALID_PARAMETER]'

I dont understand why.
I am call correctly InitNetTlsContextSelfSignedServer?

ec · 2024-10-09 12:11:22

What browser are you using? I recently noticed a similar situation in browsers other than Firefox.

ab · 2024-10-09 15:49:34

I have disabled TLS 1.3 on SChannel, because it seems to be unstable on some Windows 11 builds.
https://github.com/synopse/mORMot2/commit/793e3977

Please report if you find something more stable on your end.

ec · 2024-10-09 16:20:36

It seems more stable to me.

In Firefox, it works perfectly. The browser displays the warning: MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT, as expected.

In other browsers, the exception occurs: "Project ecentric.exe raised exception class ESChannel with message '<>: HandshakeStep returned 80090327 [SEC_E_CERT_UNKNOWN], System Error 87 [ERROR_INVALID_PARAMETER]'.". The browser displays the warning: NET::ERR_CERT_AUTHORITY_INVALID. However, now it is possible to ignore this type of exception, and the execution continues normally.

Thank you!

ab · 2024-10-09 17:19:21

The fact that a browser warned you because of a self-signed unknown certificate is the expected security behavior.

allanbrrj · 2024-10-10 15:43:11

I am use Edge, and test with Chrome and Firefox.

Realy after accept certifate warnings, all fine on Firefox.

The problem is Edge and Chrome. Sometimes raise error.

Last edited by allanbrrj (2024-10-10 16:04:48)

mORMot Open Source

#1 2024-09-29 01:05:15

HTTPS on THttpAsyncServer

#2 2024-09-29 01:41:33

Re: HTTPS on THttpAsyncServer

#3 2024-09-29 10:48:05

Re: HTTPS on THttpAsyncServer

#4 2024-10-08 19:29:39

Re: HTTPS on THttpAsyncServer

#5 2024-10-09 12:11:22

Re: HTTPS on THttpAsyncServer

#6 2024-10-09 15:49:34

Re: HTTPS on THttpAsyncServer

#7 2024-10-09 16:20:36

Re: HTTPS on THttpAsyncServer

#8 2024-10-09 17:19:21

Re: HTTPS on THttpAsyncServer

#9 2024-10-10 15:43:11

Re: HTTPS on THttpAsyncServer

Board footer