#1 2024-09-29 01:05:15

allanbrrj
Member
Registered: 2021-11-23
Posts: 4

HTTPS on THttpAsyncServer

Hi, I'm starting with mormort.

When try use https, InitNetTlsContextSelfSignedServer or InitNetTlsContext,  returning this error on every request.

Exception class ESChannel with message '<>: HandshakeStep returned 80090331 [SEC_E_ALGORITHM_MISMATCH], System Error 1 [ERROR_INVALID_FUNCTION]'.
Exception class ESChannel with message '<>: HandshakeStep returned 80090327 [SEC_E_CERT_UNKNOWN], System Error 87 [ERROR_INVALID_PARAMETER]'.

I dont undestand where put this code "InitNetTlsContextSelfSignedServer" or "InitNetTlsContext".

I using Server.WaitStarted(10,@FCertificado) but always return erro on request.

I tried use certificate .crt, .pem, .pfx evething return same error, this certicates dont installed on windows.

this is my code.

ab edit: moved to gist

Offline

#2 2024-09-29 01:41:33

allanbrrj
Member
Registered: 2021-11-23
Posts: 4

Re: HTTPS on THttpAsyncServer

I correct my code and now everything is ok.

ab edit: moved to gist

Offline

#3 2024-09-29 10:48:05

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,604
Website

Re: HTTPS on THttpAsyncServer

Hello smile

Please follow the forum rules and don't put code directly in the forum, but in a gist.
wink

So, to sumup, now your HTTPS server is working as expected, with the code of your last post?

Edit:
I have created a gist to show you how it works, and taken the liberty to remove the source code from your posts.
https://gist.github.com/synopse/fe1ba20 … e910a4e75c
And you can easily show diffs between versions, so  it is easy to see what you did to make it work in your 2nd revision:
https://gist.github.com/synopse/fe1ba20 … /revisions

Offline

#4 2024-10-08 19:29:39

allanbrrj
Member
Registered: 2021-11-23
Posts: 4

Re: HTTPS on THttpAsyncServer

With external file certificate using InitNetTlsContext everything ok.
But self signed using InitNetTlsContextSelfSignedServer sometimes retuns error Exception class ESChannel with message '<>: HandshakeStep returned 80090327 [SEC_E_CERT_UNKNOWN], System Error 87 [ERROR_INVALID_PARAMETER]'

I dont understand why.
I am call correctly InitNetTlsContextSelfSignedServer?

Offline

#5 2024-10-09 12:11:22

ec
Member
Registered: 2023-08-24
Posts: 34

Re: HTTPS on THttpAsyncServer

What browser are you using? I recently noticed a similar situation in browsers other than Firefox.

Offline

#6 2024-10-09 15:49:34

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,604
Website

Re: HTTPS on THttpAsyncServer

I have disabled TLS 1.3 on SChannel, because it seems to be unstable on some Windows 11 builds.
https://github.com/synopse/mORMot2/commit/793e3977

Please report if you find something more stable on your end.

Offline

#7 2024-10-09 16:20:36

ec
Member
Registered: 2023-08-24
Posts: 34

Re: HTTPS on THttpAsyncServer

It seems more stable to me.

In Firefox, it works perfectly. The browser displays the warning: MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT, as expected.

In other browsers, the exception occurs: "Project ecentric.exe raised exception class ESChannel with message '<>: HandshakeStep returned 80090327 [SEC_E_CERT_UNKNOWN], System Error 87 [ERROR_INVALID_PARAMETER]'.". The browser displays the warning: NET::ERR_CERT_AUTHORITY_INVALID. However, now it is possible to ignore this type of exception, and the execution continues normally.

Thank you!

Offline

#8 2024-10-09 17:19:21

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,604
Website

Re: HTTPS on THttpAsyncServer

The fact that a browser warned you because of a self-signed unknown certificate is the expected security behavior.

Offline

#9 2024-10-10 15:43:11

allanbrrj
Member
Registered: 2021-11-23
Posts: 4

Re: HTTPS on THttpAsyncServer

I am use Edge, and test with Chrome and Firefox.

Realy after accept certifate warnings, all fine on Firefox.

The problem is Edge and Chrome. Sometimes raise error.

Last edited by allanbrrj (2024-10-10 16:04:48)

Offline

Board footer

Powered by FluxBB