TIdHTTP cannot connect to https://www.implisit.com using TLS #314
Description
Using OpenSSL 1.0.2d, TIdHttp is not able to retrieve any page from
https://www.implisit.com, the following exception is raised:
EIdOSSLConnectError Error connecting with SSL.
EOF was observed that violates the protocol
The server is closing the connection as soon as TIdHTTP sends its SSL/TLS
"Client Hello" packet, without sending anything back in reply. A web browser
connects OK, though. So I Wiresharked the connections and see my browser
sending a TLS 1.2 hello, so I configure TIdHTTP to enable only TLS 1.2 but it
ends up sending a TLS 1.0 hello instead, even though it actually does
initialize TLS 1.2. I am guessing that there is a missing flag/feature that
Indy does not support/enable yet that is causing OpenSSL to downgrade to TLS
1.0. However, when I configure my browser to disable TLS 1.1 and 1.2, it sends
a TLS 1.0 hello and still connects OK. But the server is apparently rejecting
TIdHTTP's TLS 1.0 hello. I have no clue what OpenSSL is failing on at this
point, there is nothing coming from the server to explain it.
Original issue reported on code.google.com by gambit47 on 29 Jul 2015 at 6:20