Show/Hide Toolbars

TMS Sparkle Documentation

Navigation: Http Server > Http.Sys-based Server

Using HTTP secure (HTTPS)

Scroll Prev Top Next More

You can configure your server to work with HTTP secure. To do this, you need to previously bind an existing certificate to the port you are going to use for the HTTPS connection. This way, when the http.sys server receives an HTTPS request to a specified port, it will know which server certificate to send to the client.

Just as with URL reservation, there are several ways you can bind a certificate to a port:

 

TMSHttpConfig tool (to easily configure using GUI)

THttpSysServerConfig class (to configure from Delphi code)

Windows netsh command-line tool (to learn how to configure with Windows itself without using Sparkle)

 

One  you have bound the certificate to the port in server, using HTTPS is pretty straightforward with Sparkle. You don't need any extra SSL libraries to be installed/deployed either in client or server. All SSL communication is done native by the underlying operational system.

 

Use "https" prefix in Delphi code

 

Once you have registered your certificate with the command above, your server is configured to use secure connections. Please note that you still need to reserve the url for the connection, and the url must begin with "https" (for example, you might want to reserve the url namespace "https://+:2002/tms/business".

 

When registering modules in the HTTP server, all you need to do is provide the correct base URI that matches the reserved namespace. Don't forget that you must prefix the URI with "https".

 

Using a certificate for testing

 

If you don't have a certificate, you can still generate a self-signed certificate for testing purposes. For that you will need makecert.exe tool, which is available when you install either Microsoft Visual Studio or Windows SDK. Generating a self-signed certificate is out of scope of this documentation, but the following links might help in doing such task. Once you have generated and installed a self-signed certificate, the process for using it is the same as described previously, all you need is bind the certificate to the HTTPS port using the certificate thumbprint.

 

How to: Create Temporary Certificates for Use During Development

 

Note: Self-signed certificates are only for testing/development purposes. For production environment, use a certificate signed by a certificate authority.