Troubleshoot SSL/TLS connection with Indy

Yesterday, all of a sudden, one of my Delphi programs failed to connect to various WMS servers on the internet. I got the following error message:

Error connecting with SSL. error 1409442E:SSL routine:ssl3_read_bytes:tlsv1 alert protocol version

Since I was using a recent version of Indy, this should not happen, according to this thread on Delphi Praxis. It turned out that somehow a very old version of the openssl DLLs libeay32.dll and ssleay32.dll had gotten placed in the sarch path on my computer (version 1.0.0e). Getting the latest versions hosted on GitHub or and putting them into my program’s executable directory solved the issue.

OK, so how did I find out that this was the case (apart from googling an guessing)?

There is a function OpenSSLVersion in unit IdSSLOpenSSL which returns the version of the OpenSSL dll. This should at the time of this writing start with "OpenSSL 1.0.2u".

Also calling GetModuleName with the handles of both DLLs, which are available through the functions GetSSLLibHandle and GetCryptLibHandle respectively, gives you the full path to the DLLs that were actually loaded. Of course for this to work, the DLLs must already have been loaded, but Calling OpenSSLVersion does this for you.

  OpenSslVer := IdSSLOpenSSL.OpenSSLVersion;
  OpenSslLibName := GetModuleName(GetSSLLibHandle);
  OpenSslCryptLibName := GetModuleName(GetCryptLibHandle);

I hope this might be useful to others, because it took me a while to figure out how to get this information.

@Remy Lebeau: Thanks a lot for all the work you have put into and are still putting into this library.

Discussion about this blog post in the international Delphi Praxis forum.