Securing Indy Network Connections

From RAD Studio
Jump to: navigation, search

Go Up to Securing the Network Connections of Your Multi-Device Apps


This topic shows how to add TLS/SSL security support to your Indy network connections.

Prerequisites

To use TLS/SSL with Indy on your development machine, download the latest OpenSSL archive for your development platform from http://indy.fulgan.com/SSL/:

  • 32-bit Windows: openssl-<version>-i386-win32.zip.
  • 64-bit Windows: openssl-<version>-x64_86-win64.zip.

Extract the contents of the downloaded archive and locate the following library files:

  • libeay32.dll
  • ssleay32.dll

Copy these files into the folder where RAD Studio generates your application executable. For example, into <Project Folder>/Win32/Debug for 32-bit Windows.

For Windows, before you can run your application on a remote machine or you can distribute your application to your users, you must change the deployment configuration of your application to include these library files into the path of your application executable:

  1. Select Project > Deployment.
  2. Open the combo box on top of the Deployment Manager, and select the target platform (32-bit Windows or 64-bit Windows) under All configurations.
  3. Click Add Files.
  4. Select the required library files that you previously downloaded, and click OK.

For macOS, your application does not need to meet any prerequisite for TLS/SSL support. The required OpenSSL library is available by default on those operating systems.

For iOS, see Creating an iOS App, OpenSSL Support to configure your application for TLS/SSL encryption support.

For Android versions up to 6, you need to include the OpenSSL Libraries, since Android moved away from OpenSSL to BoringSSL.

Note: RAD Studio Sydney only supports up to Android 6 versions.

For other platforms see OpenSSL libraries.

Implementing TLS/SSL Support on Your Indy Client

Descendants of TIdTCPConnection, such as TIdHTTP, provide a property named IOHandler.

To secure an Indy network connection, drag a TIdSSLIOHandlerSocketOpenSSL component into the Form Designer and double-click the IOHandler property of your Indy client component in the Object Inspector so that your new TIdSSLIOHandlerSocketOpenSSL component is selected as input/output handler.

Alternatively, you can secure the network connections of your Indy client from code:

Delphi:

Client.IOHandler := TIdSSLIOHandlerSocketOpenSSL.Create;

C++:

Client->IOHandler = new TIdSSLIOHandlerSocketOpenSSL();

You can now use your client to perform secure requests to a server that supports TLS/SSL encryption using the HTTPS protocol. For example, to retrieve "http://www.example.com" using TLS/SSL encryption, get "https://www.example.com" instead with your client.

See Also