Lazarus 1.8.4 under Mac OS X 10.13.3 / Xcode 9.4.1

Just a quick question before we start blaming macOS:

If you’re using port 7100 and got this error - could you double-check that you have configured AES password for the secondary channel as well? Remember that it uses separate settings not only for ZIP Compression but for all other message settings as well, including AES envelopes (if any).

could you double-check that you have configured AES password for the secondary channel as well?

Do you mean on the Client?
I just changed the port… this is in my var. sync_server

procedure TDM.setup_connection(Sender: TObject);
begin
    ROAESEncryptionEnvelope.Password:= sync_aes;
    ROIndyHTTPChannel1.TargetUrl:= sync_server;
    RemoteDataAdapter_Login.TargetURL:=sync_server;
    //
    try
          // Try first AES with TLS  only disable on macOS
          if AppOS = 'unix' then
             ROBinMessage1.Envelopes.Delete(0);

          (RORemoteService2 as IBaseLoginService).LoginEx(Relativity_Connection_String);
          Except
             //on E: Exception do
             //   ShowMessage('An exception was raised: ' + E.Message)
          begin
               ROBinMessage1.Envelopes.Delete(0);
               (RORemoteService2 as IBaseLoginService).LoginEx(Relativity_Connection_String);
          end;
    end;
    //
    Setup_Dataset(Sender);
end;

No, on the Relativity Server side.

F.e. take a look at this config screenshot:

As you can see here Default AES password property is set to “password”.

This means that one has to assign AES envelope with correct password to message if he wants to access server via http://...:7099/bin

But at the same time accessing server via http://...:7100/bin does NOT require that AES password.

Relativity has 2 independent network interfaces. One (called default) always listens to ports 7098 (if https is configured) and 7099 and is not that much configurable.

Another one (called secondary or custom) allows to change used port, channel type, channel settings, message settings etc. On the screenshot above this interface is configured to use port 7100, serve as Http server channel with SSL disabled.

To enable AES password on that secondary interface scroll the properties pane down.

Press the small blue button next to Envelopes

Add envelope by pressing green + button

Set password (on screenshot below it is password123)

Press the checkmark button

Save configuration changes

This will enable AES on that message too

And it works :wink:
Thank you for the detailed help !

Shalom
Manfred