You are not logged in.
Pages: 1
Good morning,
I am a beginner in Mormot,
I took the example:
mormot2\ex\Third Party Demos\martin-doyle\05-HttpDaemonORM,
and I added https, I changed:
On the server:
HttpServer := TRestHttpServer.Create(HttpPort,[SampleServer],'+',HTTP_DEFAULT_MODE,32,secTlsselfsigned );
On the client:
HttpClient := TRestHttpClient.Create('localhost', HttpPort, Model,true);
HttpClient.IgnoreTlsCertificateErrors:=true;
I ran Project05HttpDaemon.exe as administrator, it is registered in http.sys:
20241116 17291031 ! + mormot.rest.http.server.TRestHttpServer(016738e0).Create useHttpApiRegisteringURI (secTLSSelfSigned) on port 11111
20241116 17291033 ! http mormot.rest.http.server.TRestHttpServer(016738e0) http.sys registration of https://+:11111/root
20241116 17291033 " info SetThreadName 4c84=HttpSrv 11111root THttpApiSrv
20241116 17291033 " trace server.TSampleServer(01600030) BeginCurrentThread(THttpApiServer) root=root ThreadID=4c84 'HttpSrv 11111root THttpApiSrv' ThreadCount=1
20241116 17291033 # info SetThreadName 4f40=HttpSrv 11111root THttpApiSrv
But the client requests do not reach the server, there is not even a trace on the server.
THANKS.
Offline
Thank you for your response,
what is the best solution (security + speed) to resolve this problem,
with example if you like
THANKS
Offline
server:
HttpServer := TRestHttpServer.Create(HttpPort, [SampleServer], '+', useBidirAsync, 4, secTLSSelfSigned);
client:
HttpClient := TRestHttpClient.Create('localhost', HttpPort, Model, true);
Offline
Thank you for your response.
How can I do it with my own certificate with example please
THANKS
Offline
see source code:
/// create a HTTP/HTTPS Server instance, to serve REST requests
...
// - for a HTTPS server, use secTLS and set CertificateFile, PrivateKeyFile,
// and PrivateKeyPassword expected values, or specify secTLSSelfSigned
constructor Create(const aServers: array of TRestServer; const aPort: RawUtf8;
aThreadPoolCount: integer = 32; aSecurity: TRestHttpServerSecurity = secNone;
aOptions: TRestHttpServerOptions = HTTPSERVER_DEFAULT_OPTIONS;
const CertificateFile: TFileName = ''; const PrivateKeyFile: TFileName = '';
const PrivateKeyPassword: RawUtf8 = ''; const CACertificatesFile: TFileName = '');
reintroduce; overload;
Offline
Thanks for your help
i will test
Thanks
Offline
Good morning,
After using my certificate
HttpServer := TRestHttpServer.Create([SampleServer], HttpPort, 16, secTLS,HTTPSERVER_DEFAULT_OPTIONS , 'mycertificat.pem','myprivatkey.key','PasseworD' );
I got the following error:
20241121 12060323 ! EXC ESChannel {Message:"<>: AfterBind: PFXImportCertStore returned 80090327 [SEC_E_CERT_UNKNOWN], System Error -2146885630 [Une erreur s’est produite lors d’une opération de codage ou de décodage]"} [Main] at 4471b9
20241121 12060324 ! EXC ENetSock {Message:"TCrtSocket.DoTlsAfter: TLS failed [ESChannel <>: AfterBind: PFXImportCertStore returned 80090327 [SEC_E_CERT_UNKNOWN], System Error -2146885630 [Une erreur s’est produite lors d’une opération de codage ou de décodage]]"} [Main] at 44c7b9
Offline
Thank you for your answer
How can I do that with example please
Thank you
Offline
See TSChannelNetTls.AfterBind logic and comments.
Convert to PFX:
openssl pkcs12 -inkey myprivatkey.key -in mycertificat.pem -export -out mycert.pfx
Offline
Pages: 1