From sgcWebSockets 4.1.3 a new WebSocket server is available, it's based on Microsoft HTTP Server API and it's available for Windows 8 and later. It's IOCP (Input Output Completion Ports) and asynchronous (non-blocking) based and can efficiently serve multiple clients (without using one thread per connection like Indy).

Example: if websocket connections are stablished in ws://127.0.0.1/ws url, just set server with these parameters (server requires admin rights to access to HTTP API).

 

oServer := TsgcWebSocketServer_HTTPAPI.Create(nil);

oServer.Host := '127.0.0.1';

oServer.Port := 80;

oServer.Parameters := '/ws';

oServer.Active := True;

 

 

 

When a WebSocket server requires secure connections, you can get an error message like this when a client tries to connect to server:

 

  Error connecting with SSL. error:XXXXXXXX:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version

 

This error means that your client is trying to connect using a TLS version which is not supported by server. To resolver this error you must handle OnSSLAfterCreateHandler of websocket client component and set a newer TLS version. For example: here we are setting TLS 1.2 as protocol version.

 

procedure OnSSLAfterCreateHandler(Sender: TObject; aType: TwsSSLHandler; aSSLHandler: TIdSSLIOHandlerSocketBase);
begin
   TIdServerIOHandlerSSLOpenSSL(aSSLHandler).SSLOptions.Method:= sslvTLSv1_2;
end;

 

Starting from 4.0 sgcWebSockets version, there is a new client component TsgcWebSocketClient_WinHTTP based on WinHTTP API which is not based on indy like TsgcWebSocketClient. All of them, can connect to WebSocket server, but here are some differences between these components, let's see the main features of each one.

  • Yes, requires OpenSSL
  • No, only Blocking mode
  • Yes, Requires Win8.+

 

When a connection is secure, sometimes it's interesting to get certificate info to show user company name for example. To do this, just use OnSSLGetHandler, where you can access to some SSL properties and handle OnVeryPeerEvent, where there is a parameter called Certificate, where you can get certificate info.

 

procedure OnSSLGetHandler(Sender: TObject; aType:
    TwsSSLHandler; var aSSLHandler: TIdSSLIOHandlerSocketBase);
begin
  aSSLHandler := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
  TIdSSLIOHandlerSocketOpenSSL(aSSLHandler).SSLOptions.VerifyMode := [sslvrfPeer];
  TIdSSLIOHandlerSocketOpenSSL(aSSLHandler).SSLOptions.Method := sslvTLSv1;
  TIdSSLIOHandlerSocketOpenSSL(aSSLHandler).SSLOptions.Mode := sslmClient;

  TIdSSLIOHandlerSocketOpenSSL(aSSLHandler).OnVerifyPeer := OnVerifyPeerEvent;
end;


function OnVerifyPeerEvent(Certificate: TIdX509; AOk: Boolean;
    ADepth: Integer): boolean;
begin
  Result := True;

// ... read certificate properties
//  Certificate
end;