These are chat archives for IndySockets/Indy

Aug 2018
Aug 10 2018 06:53

Hi, I use the idFTPServer as FTPs server. Everything works with self-signed certificates.
IdServerIOHandlerSSLOpenSSL->SSLOptions->KeyFile / IdServerIOHandlerSSLOpenSSL->SSLOptions->CertFile / IdServerIOHandlerSSLOpenSSL->SSLOptions->RootCertFile are set.

Where can I specify a certificate version chain?

Excuse me, I mean a certification chain.
Aug 10 2018 07:45
If I remember correctly, you have to use a file with your complete chain as IdServerIOHandlerSSLOpenSSL->SSLOptions->CertFile
Aug 10 2018 07:58
All right,
and what is IdServerIOHandlerSSLOpenSSL->SSLOptions->RootCertFile good for?
Remy Lebeau
Aug 10 2018 18:28
@davidwed SSLOptions->RootCertFile refers to a single file in PEM format containing 1 or more trusted CA certificates. There is also an SSLOptions->VerifyDirs property that refers to a folder containing trusted CA certificates in individual PEM files. See OpenSSL's documentation for the SSL_CTX_load_verify_locations() function for more details: