I have an application which Posts XML using an HTTP object PostXml method. Up until March 2015 everything was working beautifully on all Windows versions with your DLLs dated Sep 2 2009. Starting approx. April, on Windows 7, 8, apparently only on those which were automatically updated by Windows Update, application stopped working and is showing the following error after PostXml:
On Windows XP it still works flawlessly. Why is that happening? MS must have changed something in SSL that affects your DLLs on updated Windows 7, 8 but what? I tried many things and fixes but without success.
Ok., so I decided to upgrade old DLLs to your newest version 9.5.0. I work on Windows 7 64-bit last updated 14-01-2015 and on this computer my application works fine. I changed my code to connect to the new objects:
Chilkat_9_5_0.Http.1 instad of ChilkatHttp.ChilkatHttp.1
Chilkat_9_5_0.HttpRequest.1 instead of ChilkatHttp.ChilkatHttpRequest.1
Chilkat_9_5_0.HttpResponse.1 instead of ChilkatHttp.ChilkatHttpResponse.1
I removed ProxyPartialUrl = 1 setting which is not used in Chilkat_9_5_0
run the code and after PostXml now I get the following error:
If, in the very same code, I use old DLLs from 2009, then PostXml works like a charm again. Why is this upgrade to 9.5.0 not working? Why is the old code failing on updated Windows 7, 8? Please help...
asked Jul 03 '15 at 11:05
Windows 7 and 8 received updates to SSL to disable weak ciphers and fix issues with implementation issues. These updates did not apply to Windows XP as it is EOL and no longer receives any security fixes.
It's likely that your new code is failing because the URL you are trying to connect to is using an old SHA1 certificate signature rather than SHA2, and has a bunch of other issues. Try running an SSL test scan at https://www.ssllabs.com/ssltest/ for more details.
I'm not entirely familiar with the SSL changes in Chilkat, but see http://www.cknotes.com/category/release-notes/ and search for SSL to see all the changes that have occurred. It appears that the default is now to use TLS 1.2 if available which your test URL does not support, and also isn't available in Windows XP which would explain why that would still work with the new code. Also see the comments regarding the SSL FREAK issues earlier in the year http://www.chilkatforum.com/questions/7804/ftp2-ssltls-and-ssh-ciphers-freak-attack , you may have to manually add the appropriate ciphers to allow your application to connect to your test server.
answered Jul 06 '15 at 07:18
AgeofStrife, thanks a lot for your answer, it solved the case. https://www.ssllabs.com/ssltest/ shows everything quite clearly. I used SslProtocol="TLS 1.0" in the newest version of the HTTP object and it works on all Windows versions again. Interestingly, setting SslProtocol="TLS 1.0 or higher" still doesn't work, and it might be fixed in the future release but at this point I am happy with what I have, Thanks a lot again!
answered Jul 10 '15 at 05:40