pcoenen Posted November 3, 2023 Share Posted November 3, 2023 Regularly I get the question from my customers to support TLS1.3. Is there any news regarding this item. would it be possible to use YuOpenSSL with uniGUI? Any other ways to add TL1.3 to uniGUI? Regards, Pascal Quote Link to comment Share on other sites More sharing options...
irigsoft Posted November 3, 2023 Share Posted November 3, 2023 7 minutes ago, pcoenen said: Regularly I get the question from my customers to support TLS1.3. Is there any news regarding this item. would it be possible to use YuOpenSSL with uniGUI? Any other ways to add TL1.3 to uniGUI? Regards, Pascal maybe this will show you some points: http://forums.unigui.com/index.php?/search/&q=TLS 1.2&quick=1&search_and_or=or&sortby=relevancy and some solutions: Quote Link to comment Share on other sites More sharing options...
pcoenen Posted November 3, 2023 Author Share Posted November 3, 2023 Yes I already use this information (cipherlist), thank you. The problem is that the 'old' openSSL dll's (1.0.2u) get 'red' flagged at some of my customers. It would be nice if we would know when TLS1.3 support would be added or if we could add it ourselves using for example YuOpenSSL or alternatives. Quote Link to comment Share on other sites More sharing options...
Tokay Posted November 3, 2023 Share Posted November 3, 2023 BTW exists Indy with patch for new SSL libraries: https://en.delphipraxis.net/topic/9118-delphi-113-indy-openssl-31/ I think this is critically necessary for uniguy 1 Quote Link to comment Share on other sites More sharing options...
Administrators Farshad Mohajeri Posted November 3, 2023 Administrators Share Posted November 3, 2023 4 minutes ago, Tokay said: BTW exists Indy with patch for new SSL libraries: https://en.delphipraxis.net/topic/9118-delphi-113-indy-openssl-31/ I think this is critically necessary for uniguy Yes, but it is not an official Indy patch. Quote Link to comment Share on other sites More sharing options...
Tokay Posted November 4, 2023 Share Posted November 4, 2023 On 11/3/2023 at 5:21 PM, Farshad Mohajeri said: Yes, but it is not an official Indy patch. Is this a problem? You also use not official version But adding new OpenSSL versions drastically reduced all the issues. We forced to add many Pascal and installer code to solve OpenSSL issues on the different Linuxes (most defaultly use 1.1+ not compatible version). Not to mention 1.0.2u is just outdated, and do not guarantee the most secure channels, also tls 1.3 does not suppoeted at all. 1 Quote Link to comment Share on other sites More sharing options...
Franco Grech Posted November 5, 2023 Share Posted November 5, 2023 Use Apache/Nginx Reverse-Proxy. It'll automatically solve this kind of issue. Your unigui server can working without SSL for internal communication. Quote Link to comment Share on other sites More sharing options...
Administrators Farshad Mohajeri Posted November 5, 2023 Administrators Share Posted November 5, 2023 On 11/4/2023 at 6:51 PM, Tokay said: Is this a problem? You also use not official version But adding new OpenSSL versions drastically reduced all the issues. We forced to add many Pascal and installer code to solve OpenSSL issues on the different Linuxes (most defaultly use 1.1+ not compatible version). Not to mention 1.0.2u is just outdated, and do not guarantee the most secure channels, also tls 1.3 does not suppoeted at all. We use the official version from Indy's official repository. It can be the problem because there is no indication that it is a finished and working TLS 1.3 port. Quote Link to comment Share on other sites More sharing options...
pcoenen Posted November 5, 2023 Author Share Posted November 5, 2023 23 minutes ago, Farshad Mohajeri said: We use the official version from Indy's official repository. It can be the problem because there is no indication that it is a finished and working TLS 1.3 port. Fyi, could you please check https://github.com/mezen/Indy/tree/NewOpenSSL_PR This is from Mezen who provided the pull request for the new openssl IO handler. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.