OpenSSL 3.0 moved several deprecated or insecure algorithms into an internal library module called legacy provider. It is not loaded by default, so apps (or their language runtimes) that use OpenSSL for cryptographic operations cannot use such algorithms when loading certificates, creating message digests ...
If you try to load a p12 certificate for example you'll get an error. If you want to load a p12 certificate using the sgcIndy or sgcWebSockets you must deploy the legacy.dll library and enable some properties in the components.
Currently you can download the legacy.dll with the latest openSSL 3.3 version.
sgcWebSockets
- Set the property OpenSSL_Options.Legacy.Enabled to True.
- Set the location of the Legacy library.
- OpenSSL_Options.Legacy.LibPath: here you can configure where is located the legacy library
- oslpNone: this is the default, the legacy library should be in the same folder where is the binary or in a known path.
- oslpDefaultFolder: sets automatically the legacy library path where the libraries should be located for all IDE personalities.
- oslpCustomFolder: if this is the option selected, define the full path in the property LibPathCustom.
- OpenSSL_Options.Legacy.LibPathCustom: when LibPath = oslpCustomFolder define here the full path where are located the legacy library.
- OpenSSL_Options.Legacy.LibPath: here you can configure where is located the legacy library
sgcIndy
- Set the property SSLOptions.Legacy to True.
- Before start the server or client, set the path where the legacy.dll library it's located. Use the function IdOpenSSLSetOSSLPath and pass the path as argument.