I currently have a running server with a TROSynapseSuperHTTPServer instance serving clients using TROSynapseSuperHTTPChannel all of this with an AES envelope on a binary message.
I have been asked to add the possibility to configure the server so that it may optionally use a file based SSL certificate while keeping the following capabilities:
There is no need for older clients to be able to talk to a SSL enabled client as this would pose a security risk.
Looking around here, there were messages saying that the Synapse based classes do not support SSL, but they all date back a few years and things may have changed since then. In particular, I see that there is a file called ssl_openssl.pas that hints at “transparent” support when the appropriate OpenSLL DLLs are distributed alongside the application binary.
Do you know if the channel handles the 301 permanent return code?
This way I could have a dummy server listen on the original port that replies with that 301 redirect and get clients to automatically use HTTPs if configured to do so.
I believe there was an issue in packaging the latest snapshot as I can’t see the ssl_openssl3.pas source file along with a few other new files in the Synapse folder.
The prexisting files have been updated just fine but there are at least 6 new files: