Closed patrick-heuer closed 8 years ago
As the transport of the data itself is done by ohter components (WinHTTP or Indy). The SSL options need to be set at that level.
For WinHTTP see the option 'WinHttpRequestOption_SslErrorIgnoreFlags' I'm not sure, but I think Indy ignores them by default, when using SSL.
So, as solution you mean I shall build my own class (similar to WinHTTP), Setting the 'WinHttpRequestOption_SslErrorIgnoreFlags' properties there and use the OnCustomCreateConnection event to create the instance of my own class instead of using the original WinHTTP-class? Or shall we create a new property on TRestClient "IgnoreSSLErrors", and enhance the IHttpConnection Interface by that new propery?
I'd would rather suggest the latter - But it requires the implementation of this flag in each HTTP implementation - can you can create a PULL request for it ;)
But when you need a very quick sollution, you could just extend the current THttpConnectionWinHttp-class and set the options there... Then create that one in the OnCustomCreateConnection event
Check the new VerifyCert
option.
RestClient.VerifyCert := false;
I cannot access our .NET/C# HTTP(S) RESTful applicationserver, because it seems that it is not to be possible to ignore invalid developer SSL certificates! In C# you can set a property or handle an event “OnValidateCertificate” in order to ignore invalid SSl certificates (to allow them anyway), but in this delphi component I wasn´t able to find a similar property, so I cannot use it with our REST server…