问题
I am working on a project involving login and download, for more than 20 site, in some cases, the sites are very alike, even their structure is the same
i have encountered a problem recently, some of the same structured sites are http and some are Https, the Http ones are ok and work fine but the Https ones at the very first post return an error 500 internal server when i try to login, the response code shows
for security reasons you can not access ...
do i need to change my approach with https sites ? how can i fix this ?
my code :
mIdHttp := TIdHttp.create(nil);
mIdHttp.AllowCookies := true;
mIdHttp.HandleRedirects := true;
mIdHttp.Request.Charset := 'utf-8';
requestList.add('the post info from http analyzer');
mIdHttp.post('site login url', requestList, responseCode); // error happens here
for privacy reasons i can not share the url for any of the sites
Edit :
i did what was suggested about setting handler
LHandler := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
mIdHttp.IOHandler:=LHandler;
but it didn't work! (i also downloaded the two dll)
New development :
i just noticed the windows internet explorer cant open the site either!! and it returns an error :
Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to somesite.com again. If this error persists, contact your site administrator.
i think the certificate for the site is a fake, and if i go to the setting and uncheck the
check for publisher certifcate revocation
option in internet explorer, the site opens!, is this the reason i'm getting an error ? how can i do the same to idHttp ?
Edit 2 (A New Site):
because the problem with this site is very similar to the previous one, i decided not to create a new question for this
I'm getting an error 500 with a new site , when i try to manually go to the site and login i get an This Connection is Untrusted error in firefox and similar error in other browsers here is a picture o the firefox error :
I have already tried
LHandler := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
//LHandler.SSLOptions.SSLVersions := [sslvTLSv1, sslvTLSv1_1, sslvTLSv1_2];
LHandler.OnVerifyPeer := OnVerifyPeer;
mIdHttp.IOHandler := LHandler;
function OnVerifyPeer(certificate: TIdX509; AOk: Boolean; Adepth:Integer; AError: Integer): boolean;
begin
Result := true;
end;
but i still get the same error
i also should mention that in this particular case, using idHttp.Get does not cause any error, the error happens when i trying to Post for login.
one more thing, i use both httpAnalyzer and fiddler, but none of them can pick up the site posts or gets when i run my program (they only don't work when i use my program and i try to postand get for this particular site).
回答1:
i just noticed the windows internet explorer cant open the site either!! and it returns an error :
Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to somesite.com again. If this error persists, contact your site administrator.
Enable the sslvTLSv1, sslvTLSv1_1, and sslvTLSv1_2 flags in the TIdSSLIOHandlerSocketOpenSSL.SSLOptions.SSLVersions property.
i think the certificate for the site is a fake, and if i go to the setting and uncheck the
check for publisher certifcate revocation
option in internet explorer, the site opens!
Assign a handler to the TIdSSLIOHandlerSocketOpenSSL.OnVerifyPeer event and have it return True for any certificate you want to accept.
来源:https://stackoverflow.com/questions/38805751/idhttp-error-500-internal-server-when-site-is-https