Reputation: 13
I'm using TIdHTTP
component to execute GET
command, resulting in above error message:
Request.ContentType := 'text/html';
Request.CustomHeader.Values['Authorization'] := 'Basic '+ TIdEncoderMIME.EncodeString(SPIAKey)+':'TIdEncoderMIME.EncodeString(SAPISecret);
TIdSSLIOHHandlerSocket
Method - sslvSSLv2
Can someone help me on this?
Upvotes: 1
Views: 2052
Reputation: 598448
NOBODY uses SSL v2.0 or SSL v3.0 anymore, as they are no longer secure. You need to use TLS v1.0 at a minimum 1. Indy 9's TIdSSLIOHandlerSocket
component supports up to TLS v1.0 max. Set the SSLOptions.Method
property to sslvTLSv1
for that.
1: be aware that websites have slowly been dropping support for TLS v1.0, and major webbrowser vendors are dropping support for TLS v1.0 and v1.1 later this year.
To use TLS v1.1 and higher, you need to upgrade to Indy 10, where TIdSSLIOHandlerSocket
has been renamed to TIdSSLIOHandlerSocketOpenSSL
, and its SSLOptions.Method
property has been deprecated in favor of a new SSLOptions.SSLVersions
property, which will allow you to enable TLS v1.0, v1.1, and v1.2 at the same time.
On a side note, you do not need to use the TIdHTTP.Request.CustomHeader
property to use Basic
authentication. TIdHTTP
has built-in support for Basic
. Simply set the TIdHTTP.Request.BasicAuthentication
property to True and then use the TIdHTTP.Request.Username
and TIdHTTP.Request.Password
properties:
Request.ContentType := 'text/html';
Request.BasicAuthentication := True;
Request.Username := SPIAKey;
Request.Password := SAPISecret;
This works in both Indy 9 and 10.
Upvotes: 5