원클릭으로
horse-ssl-tls
Guide to enabling SSL/TLS, configuring HTTPS, handling certificates, and securing transport layers.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Guide to enabling SSL/TLS, configuring HTTPS, handling certificates, and securing transport layers.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Guidelines and workflows for developing and maintaining regular expressions and optional parameter routing features in the Horse framework.
Guidelines for registering, executing, and optimizing native high-precision telemetry hooks (AddOnTelemetry) in the Horse Web Framework.
Guidelines for instantiating and configuring independent Horse server instances (THorseInstance) running concurrently on different ports.
Guide for setting up thread-safe database connection pooling (FireDAC / UniDAC) in multithreaded Horse applications.
Guide for managing request-scoped contextual services and IoC (dependency injection) in Delphi and Lazarus.
Guide to using standard Horse middlewares (CORS, Jhonson, compression, basic-auth, logger) and pipeline registration order.
| name | horse-ssl-tls |
| description | Guide to enabling SSL/TLS, configuring HTTPS, handling certificates, and securing transport layers. |
In production environments, always encrypt data in transit using SSL/TLS. Depending on the transport provider you select, the configuration for HTTPS differs.
When using the native Horse.Provider.HTTPsys provider on Windows, the SSL handshake is handled entirely by the operating system kernel.
You do not configure certificates inside your Delphi code. Instead, bind your SSL certificate (using its thumbprint) to the target port using the Windows command line tool netsh (requires Administrator privileges):
netsh http add sslcert ipport=0.0.0.0:443 certhash=YOUR_CERT_THUMBPRINT appid={YOUR-APP-GUID}
Just start the Horse server normally. HTTP.sys will route HTTPS traffic on the bound port to your application automatically:
program SecureAPI;
{$APPTYPE CONSOLE}
uses
Horse,
Horse.Provider.HTTPsys;
begin
THorse.Get('/ping',
procedure(Req: THorseRequest; Res: THorseResponse; Next: TProc)
begin
Res.Send('pong');
end);
// Starts the server. HTTP.sys routes both HTTP/HTTPS automatically depending on OS bindings.
THorse.Listen(443);
end.
The horse-provider-ics provider handles OpenSSL 1.1.1 / 3.x / 4.x directly within the application process.
Load your certificate .pem or .crt files and private key files during initialization:
uses
Horse,
Horse.Provider.ICS;
begin
// Set up SSL certificate paths and properties fluently
THorse.Provider.ICS.SSLSecured := True;
THorse.Provider.ICS.SSLCertFile := 'C:\certs\server.crt';
THorse.Provider.ICS.SSLPrivateKeyFile := 'C:\certs\server.key';
THorse.Provider.ICS.SSLPassword := 'my_private_key_password';
// Optionally enable Server-side Mutual TLS (mTLS)
THorse.Provider.ICS.SSLVerifyPeer := True;
THorse.Provider.ICS.SSLCACertFile := 'C:\certs\ca.crt'; // CA certificate to verify clients
THorse.Get('/ping',
procedure(Req: THorseRequest; Res: THorseResponse; Next: TProc)
begin
Res.Send('pong');
end);
THorse.Listen(8443);
end.
For the async CrossSocket provider, configure the TLS context in your server instance:
uses
Horse,
Horse.Provider.CrossSocket;
begin
// Enable SSL/TLS and load certificates (requires OpenSSL library binaries on PATH)
THorse.Provider.CrossSocket.SSLSecured := True;
THorse.Provider.CrossSocket.SSLCertFile := 'C:\certs\server.crt';
THorse.Provider.CrossSocket.SSLPrivateKeyFile := 'C:\certs\server.key';
THorse.Listen(8443);
end.
Strict-Transport-Security header to response headers to force browsers to connect only via HTTPS.443.