Hi,
I am working with Delphi XE10 Seattle, latest MyDAC(installed Sept 28 2017) and latest SecureBridge (installed Sept 30 2017).
I am new to SecureBridge and struggling with the install / getting started. I am trying to connect with MySQL on Google Could using SSL. I have no problems when I connect with TMyConnection, setting the Options|Protocol to mpSSL and the SSLOptions CACert, Cert and Key properties to the appropriate data files.
I want to store multiple certificates in order to make different server connections from the same application, hence I have installed SecureBridge.
I have located the dproj/bpl and installed TMySSLIOHandler which I have connected to TMyConnection.
I have added TscFileStorage and connected from TMySSLIOHandler.
Immediately some issues:
(1) SCFileStorage OnCheckUserKey event references ClientInfo: TScSSHClientInfo which is not found by Delphi.
(2) Same issue with OnCheckUserPassword event.
(3) The IOHandler OnServerCertificateValidation event references var Errors: TScCertificateStatusSet but I cannot find any documentation relating to TScCertificateStatusSet .
(4) On compiling my small project, Delphi cannot find DCUs for CRSSLIOhandler or MySSLIOHandler.
I recently purchased the Source for MyDAC which does, fortunately have a copy of these units.
So after a struggle I have imported my CACert, my Cert and after importing the Cert I imported the Key within the Cert tab.
Now when I connect MyConnection I am given the error "The certificate is not trusted by the trust provider". I would be very grateful for some assistance to move this forward.
Finally, could someone please assist in exactly how I can import the CACert, Cert and Key using TStream so I can import them at run time?
Many thanks.
Regards
Tim hayes
MyDAC SecureBridge Help Please
Re: MyDAC SecureBridge Help Please
1, 2: The TScSSHClientInfo class is declared in the ScSSHUtils module.
3: Thank you for the information. We will add the necessary information to the SecureBridge help shortly.
4. To solve the issue, you can specify the path to the %MyDACDemos%\TechnologySpecific\SecureBridge directory in the "Library path" for All platform using the menu Tools-Environment Options-Delphi Options-Library. %MyDACDemos% is the MyDAC Demo projects installation path on your computer.
5. The error "The certificate is not trusted by the trust provider" occurs when you use a non-trust certificate.
To solve the issue, you can use either a trust certificate or disable this error message. For this, you can set the TMyConnection.SSLOptions.TrustServerCertificate property to True. For example:
6. You can import certificates in run-time using the method TScCertificate.ImportFrom(Stream: TStream; const Password: string = ''). For example:
3: Thank you for the information. We will add the necessary information to the SecureBridge help shortly.
Code: Select all
type
TScCertificateStatus = (
csValid,
csOtherError, csExpired, csInvalidBasicConstraints, csInvalidKeyUsage, csIssuerNotEqualSubject, csInvalidSubjectName, csUntrustedRoot, csInvalidSignature
);
TScCertificateStatusSet = set of TScCertificateStatus;
Description
The TScCertificateStatus enumeration represents detailed information for the status of the certificate validation.
Value Meaning
csValid Certificate is valid.
csOtherError Certificate is invalid for obscure reasons.
csExpired Certificate is expired.
csInvalidBasicConstraints Certificate is invalid due to invalid basic constraints (refer to TScCertBasicConstraintsExtension).
csInvalidKeyUsage Certificate is invalid due to invalid key usage (refer to TScCertKeyUsageExtension).
csIssuerNotEqualSubject Certificate issuer name is not equal to the parent certificate subject name.
csInvalidSubjectName Certificate is invalid due to invalid subject name (refer to SubjectName).
csUntrustedRoot Certificate is invalid due to an untrusted root certificate.
csInvalidSignature Certificate is invalid due to an invalid certificate signature.
5. The error "The certificate is not trusted by the trust provider" occurs when you use a non-trust certificate.
To solve the issue, you can use either a trust certificate or disable this error message. For this, you can set the TMyConnection.SSLOptions.TrustServerCertificate property to True. For example:
Code: Select all
MyConnection.SSLOptions.TrustServerCertificate := True;
Code: Select all
var
Cert: TScCertificate;
MyCert: String;
SStream: TStringStream;
...
Cert := TScCertificate.Create(ScRegStorage.Certificates);
Cert.Name := 'CertName'
SStream:=TStringStream.Create(MyCert);
Cert.ImportFrom(SStream);
Re: MyDAC SecureBridge Help Please
Thank you very much Victor - your response is very helpful.
Regards
Tim
Regards
Tim
Re: MyDAC SecureBridge Help Please
Thank you for the interest in our products.
Please contact us if you have any questions about our products.
Please contact us if you have any questions about our products.