HTTPSecureSocket

I’m using a HTTPSecureSocket to access an API over HTTPS. I built a method to return data:

  Dim socket1 As New HTTPSecureSocket
  Dim dicReturn as New Dictionary
  socket1.Yield = True
  
  if data <> nil then
    socket1.SetRequestContent(data.ToString, "application/json")
  end if
  dicReturn.Value("data") = socket1.SendRequest(method, app.CLOUD_API_URL+url, 5)
  dicReturn.Value("status") = socket1.HTTPStatusCode
  socket1.Close
  return  dicReturn

The code returns a status code of 0, with an empty return value instantly. If I do the request over HTTP, it works. I have tested it over HTTPS with a REST test client and it works.

I also created an event handler for all HTTPSecureSocket events, and nothing is triggered.

Thanks for the help!

Are you using SSLv3? If so your provider may have dropped support for it due to the poodle vulnerability.

Looks like the replacement is TLS.

I have an internal project (used by my team) that reads the Campfire API. I had to change all of my HTTPSecureSocket controls ConnectionType to TLS:

//SSLv3 deprecated due to Poodle vulnerability 'self.ConnectionType = self.SSLv3 //use TLS instead self.ConnectionType = self.TLSv1

HTH!
Anthony

Anthony beat me to it. Yes, I had the same problem, changing the connection type to TLSv1 solved the issue here as well.

Thanks so much! That was it. I was going crazy last night.

Appreciate it!

@Paul Lefebvre - should the HTTPSecureSocket.ConnectionType documentation be updated? (and possibly the default connection type?)

I just got bit with that this morning. THANK YOU Xojo forums for this little tidbit of information! And especially, thank you Anthony! You saved my bacon.

My GoogleApi class uses the default SSLv21 but fails when I tried changing it to TLSv1. Do I have to worry about Google turning off support for this and not having a protocol that will work?

Thank you Anthony!

Considering the POODLE vulnerability in SSLv3, please give <https://xojo.com/issue/31126> some attention.