Can't create SSL connection via HTTP

[m227]

Hi, I use Delphi XE7, UniDAC 7.0.2, MySqlProvider and connection via HTTP tunneling. It works.
My TUniConnection.ConnectionString is:

Code: Select all

Provider Name=MySQL;User ID=ufin_kdr;Password=mysecretpass;Character Set=cp1250;Data Source=sql.myserver.pl;Database=ufin_kdr;Protocol=mpSSLHttp;Http Url=http://mysite.nazwa.pl/kdr/tunnel.php;Login Prompt=False

Then I try the same in Delphi 10.2 with UniDAC 8.2.4. But I get error:

First chance exception at $75EDB512. Exception class EMySqlException with message
'Wrong or unknown protocol
Can't create SSL connection via HTTP'.

What is wrong?

[FrayJohns]

Hi, you need to receive a public key from your hosting provider. It can be free of charge or paid. It is better to have a paid SSL certificate. Then you need to prove its authenticity. If you have a problem with SSL, you can use a TLS certificate. Read the Google guidelines for this case -https://support.google.com/domains/answer/7630973?hl=en.

[m227]

Then what changed since 7.0.2 as there it still works without any keys?

[YanishevskiyVI]

Hi guys!

Thank you for your inquiries!

In version 7.0.2, using the mpSSLHttp parameter (but not using the TCRSSLIOHandler component) creates a simple HTTP connection.
In version 8.2.4, we fixed this behavior and you can use the mpSSLHttp parameter only when you are using UniDAC components with SecureBridge components with the help of the TCRSSLIOHandler component.

The TCRSSLIOHandler component is located in the dcldacsbridgeXXX package. This package is included in the UniDAC demos. See the package installation instructions in the file:

Code: Select all

%UniDACDemos%\TechnologySpecific\SecureBridge\Readme.html

where %UniDACDemos% is the UniDAC Demo projects installation path on your computer.

After installing the dcldacsbridgeXXX package, you'll need to specify the absolute path to the:

Code: Select all

%UniDACDemos%\TechnologySpecific\SecureBridge

directory in the library path for all desired platforms using the menu Tools-> Environment Options-> Delphi Options-> Library.

%UniDACDemos% is the UniDAC Demo projects installation path on your computer.

Therefore, in order to revert the old behavior, you can change the mpSSLHttp parameter to Protocol = mpHttp.

For example:

Code: Select all

Provider Name = MySQL; User ID = ufin_kdr; Password = mysecretpass; Character Set = cp1250; Data Source = sql.myserver.pl; Database = ufin_kdr; Protocol = mpHttp; Http Url = http://mysite.nazwa.pl/kdr/tunnel.php; Login Prompt = False; 

In this case, as in version 7.0.2, a simple HTTP connection will be created.

If you want to use a simultaneous usage of SSL and HTTP tunnel, then you will have to use the TCRSSLIOHandler component.

You just need to place on the form the TCRSSLIOHandler component and assign it to the TUniConnection.IOHandler property.

Please, feel free to ask in case of any further questions!

Regards,
Vitaliy

[m227]

Hi Vitaliy, thank you for reasonable and detailed answer. On the other hand: I changed address to tunnel.php file in SpecificOptions, changing http:// to https://

If I put this (https) address to web browser I get:

Devart HttpTunnel v1.69
Tunnel script is installed correctly.
You can establish connections through the HTTP tunnel.

so encrypted http transmission works.

But when I try to set my TUniConnection.Connected to True in design time with this address I get: "Secure connection is not available". I do not have any IOHandler set. Do I have to use SecureBridge and set this handler to be able to use tunnel.php with https?

[m227]

Hi Vitaliy,
I successfully installed TCRSSLIOHandler (using corresponding to my UniDAC SecureBridge version).
Then I set up TUniConnection.IOHandler. And in SpecificOptions set https:// address and a protocol as mpSSLHttp.

When I run my application from IDE with Debugging then I get

First chance exception at $75CCB5B2. Exception class SocketException with message
'Error on data reading from the connection:
An existing connection was forcibly closed by the remote host'.

Then application runs fine. Is it OK?