I have some code that has been running successfully for a number of years; however, the server side has changed their minimum specification for SSL connections and I can no longer get a Xojo HTTPSecureSocket connection to work.
My basic code is:
Dim vsock As New HTTPSecureSocket
Dim url As String
Dim Response As String
vsock.Address = "www.b2b.nm.XYZ.int"
vsock.ConnectionType = SSLSocket.TLSv12 // use TLS 1.2
// Client certificate (PEM) and its password
Dim f As FolderItem
f = GetFolderItem("CC002.pem")
vsock.CertificateFile = f
vsock.CertificatePassword = "XYX"
url = "https://www.b2b.nm.XYZ.int/B2B_OPS/gateway/spec/20.0.0"
// s holds the XML request body (built elsewhere, not shown)
vsock.SetPostContent(s, "application/xml")
Response = vsock.Post(url, 5) // synchronous POST, 5-second timeout
The Response is blank. When I look at the TCP/IP traffic, I see that the client closes the connection immediately. If I use what I believe are exactly the same parameters from CURL, I get the expected response from the server.
On the failed connection, I see a normal start to the TCP conversation
No. Time Source Destination Protocol Length Info
1 17:43:43.849582 192.168.1.83 193.58.21.20 TCP 78 53663 → 16443 [SYN] Seq=0 Win=65535 Len=0 MSS=1360 WS=32 TSval=1134664343 TSecr=0 SACK_PERM=1
2 17:43:43.866305 193.58.21.20 192.168.1.83 TCP 64 16443 → 53663 [SYN, ACK] Seq=0 Ack=1 Win=1460 Len=0 MSS=1412
3 17:43:43.866387 192.168.1.83 193.58.21.20 TCP 54 53663 → 16443 [ACK] Seq=1 Ack=1 Win=65535 Len=0
And then immediately my Xojo client appears to close the connection
No. Time Source Destination Protocol Length Info
4 17:43:43.907250 192.168.1.83 193.58.21.20 TCP 54 53663 → 16443 [FIN, ACK] Seq=1 Ack=1 Win=65535 Len=0
5 17:43:43.923265 193.58.21.20 192.168.1.83 TCP 64 16443 → 53663 [FIN, ACK] Seq=1 Ack=2 Win=14600 Len=0
6 17:43:43.923314 192.168.1.83 193.58.21.20 TCP 54 53663 → 16443 [ACK] Seq=2 Ack=2 Win=65535 Len=0
The CURL TCP Conversation is
No. Time Source Destination Protocol Length Info
30 18:56:05.294904 192.168.1.83 193.58.21.20 TCP 78 54655 → 16443 [SYN] Seq=0 Win=32768 Len=0 MSS=1360 WS=1 TSval=1138988996 TSecr=0 SACK_PERM=1
31 18:56:05.310931 193.58.21.20 192.168.1.83 TCP 64 16443 → 54655 [SYN, ACK] Seq=0 Ack=1 Win=1460 Len=0 MSS=1412
32 18:56:05.311022 192.168.1.83 193.58.21.20 TCP 54 54655 → 16443 [ACK] Seq=1 Ack=1 Win=34000 Len=0
And then the Curl application pushes the required certificate to the server
No. Time Source Destination Protocol Length Info
33 18:56:05.312058 192.168.1.83 193.58.21.20 TCP 181 54655 → 16443 [PSH, ACK] Seq=1 Ack=1 Win=34000 Len=127
34 18:56:05.327425 193.58.21.20 192.168.1.83 TCP 64 16443 → 54655 [ACK] Seq=1 Ack=128 Win=14600 Len=0
35 18:56:05.329170 193.58.21.20 192.168.1.83 TCP 1418 16443 → 54655 [ACK] Seq=1 Ack=128 Win=14600 Len=1360
36 18:56:05.329675 193.58.21.20 192.168.1.83 TCP 1418 16443 → 54655 [ACK] Seq=1361 Ack=128 Win=14600 Len=1360
And then completes the TCP connection using TLSv1.2 and AES256-SHA, which then follows on to establish the HTTPS session, execute the POST and retrieve the response.
Clearly something in my Xojo configuration (or possibly in Xojo itself) is causing the connection to be closed after the first TCP handshake. The fact that CURL works would indicate that my URL, Certificate, Password, network, and Firewall are all OK.
Any ideas of what the issue may be?
Thanks in advance.
PS - I have excluded any code setting up headers as the connection never progresses beyond the initial TCP handshake and therefore there are no HTTP headers or commands exchanged.
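
The two captures above can be compared mechanically. The following is an added example, not part of the original post: a small Python parser (the names `summarize` and `diagnose` are made up here) that reads Wireshark summary lines and reports which side closed the connection and how many payload bytes each side had sent by then. A client-side close with zero bytes in both directions means the socket was torn down before any TLS ClientHello left the machine, so nothing was ever offered to the server to accept or reject.

```python
import re

# Constructed sample: frame summaries quoted in the post, TCP options after Len= trimmed.
XOJO = """\
1 17:43:43.849582 192.168.1.83 193.58.21.20 TCP 78 53663 → 16443 [SYN] Seq=0 Win=65535 Len=0
2 17:43:43.866305 193.58.21.20 192.168.1.83 TCP 64 16443 → 53663 [SYN, ACK] Seq=0 Ack=1 Win=1460 Len=0
3 17:43:43.866387 192.168.1.83 193.58.21.20 TCP 54 53663 → 16443 [ACK] Seq=1 Ack=1 Win=65535 Len=0
4 17:43:43.907250 192.168.1.83 193.58.21.20 TCP 54 53663 → 16443 [FIN, ACK] Seq=1 Ack=1 Win=65535 Len=0
"""
CURL = """\
30 18:56:05.294904 192.168.1.83 193.58.21.20 TCP 78 54655 → 16443 [SYN] Seq=0 Win=32768 Len=0
31 18:56:05.310931 193.58.21.20 192.168.1.83 TCP 64 16443 → 54655 [SYN, ACK] Seq=0 Ack=1 Win=1460 Len=0
32 18:56:05.311022 192.168.1.83 193.58.21.20 TCP 54 54655 → 16443 [ACK] Seq=1 Ack=1 Win=34000 Len=0
33 18:56:05.312058 192.168.1.83 193.58.21.20 TCP 181 54655 → 16443 [PSH, ACK] Seq=1 Ack=1 Win=34000 Len=127
35 18:56:05.329170 193.58.21.20 192.168.1.83 TCP 1418 16443 → 54655 [ACK] Seq=1 Ack=128 Win=14600 Len=1360
"""

# frame, time, src, dst, "TCP", length, sport, arrow (any glyph), dport, [flags], ... Len=n
LINE = re.compile(r"^\s*\d+\s+\S+\s+(?P<src>\S+)\s+\S+\s+TCP\s+\d+\s+\d+\s+\S+\s+\d+\s+"
                  r"\[(?P<flags>[^\]]+)\].*?\bLen=(?P<len>\d+)")

def summarize(capture):
    """Return (closer, client_bytes, server_bytes); closer is "client", "server" or None."""
    client, sent = None, {"client": 0, "server": 0}
    for raw in capture.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # column headers, blank lines, non-TCP rows
        flags = {f.strip() for f in m["flags"].split(",")}
        if client is None:
            if flags != {"SYN"}:
                continue  # skip frames seen before the opening SYN
            client = m["src"]
        side = "client" if m["src"] == client else "server"
        sent[side] += int(m["len"])
        if flags & {"FIN", "RST"}:
            return side, sent["client"], sent["server"]
    return None, sent["client"], sent["server"]

def diagnose(capture):
    closer, c_bytes, s_bytes = summarize(capture)
    if closer == "client" and c_bytes == 0 and s_bytes == 0:
        return "client closed before sending any TLS bytes; nothing was negotiated"
    if closer is not None:
        return f"{closer} closed after {c_bytes}B sent / {s_bytes}B received"
    return f"still open: {c_bytes}B sent / {s_bytes}B received"

for name, cap in (("Xojo", XOJO), ("curl", CURL)):
    print(name, "->", diagnose(cap))
```

The arrow column is matched as any non-space token, so captures pasted with a mangled arrow glyph parse the same way.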