Re: httpget and cloudflare SSL change


magic9@aquari.com
 

Hi Andreas,
Thanks for your response.
I am using the newest wget 1.20.3 to download the pages, but I will try stunnel.
Thanks
Andy


At 01:04 PM 11/26/2019, you wrote:
Hi Andy,

I suppose they did not only change certificates but also did stop support for SSL and early TLS (1.0 and 1.1). Available then TLS 1.2 (and maybe 1.3)
Magic 9.4 (until some Xpa 3.x version) does however only work with SSL and TLS 1.0 and you cannot change that.

If this is indeed the case you can check by probing the SSL handshakes.
Here's an online tool which does this for you:
https://www.ssllabs.com/ssltest/

What you can do (besides migrating to a Magic version which supports TLS 1.2):

Install a proxy which does bump up the TLS version and configure your 9.4 to work with this proxy
You can also work with a proxy which you do access (from eDeveloper) with http and which changes the protocol to https then.
You can do this with most proxies. For adding SSL/TLS to legacy apps which do not have and support for these protocols stunnel is often used:
https://www.stunnel.org/ . https://hub.docker.com/r/vimagick/stunnel/

I think there's even some Magic users which are familiar with it because they used it to get Magic working with secure SMTP.

Best regards,

Andreas

Join main@magicu-l.groups.io to automatically receive all group messages.