openssl OnVerifyCertificate unusable (TOpenSSLSocketHandler.SSL.PeerCertificate = nil) on current Linux distributions (ssl version >= 3)
fpc main branch: 3.3.1-12117-gc1ec558d0a

Consider the following test program:

````pascal
program project1;

uses
  Sysutils, Classes, sockets, ssockets, sslsockets, openssl, opensslsockets;

type

  { TApp }

  TApp = class
    Sock: TInetSocket;
    SSLHandler: TSSLSocketHandler;
    constructor Create;
    destructor Destroy; override;
    procedure OnVerify(Sender: TObject; var Allow: Boolean);
  end;

var
  App: TApp;

{ TApp }

constructor TApp.Create;
begin
  SSLHandler := TSSLSocketHandler.GetDefaultHandler;
  SSLHandler.OnVerifyCertificate := @OnVerify;
  //SSLHandler.VerifyPeerCert := True;
  Sock := TInetSocket.Create('test.mosquitto.org', 8883, 1000, SSLHandler);
  writeln('begin connect');
  Sock.Connect;
  writeln('end connect');
end;

destructor TApp.Destroy;
begin
  Sock.Free;
  inherited Destroy;
end;

procedure TApp.OnVerify(Sender: TObject; var Allow: Boolean);
var
  S: TOpenSSLSocketHandler;
begin
  Writeln('OnVerify');
  S := Sender as TOpenSSLSocketHandler;
  writeln('cert assigned: ', Assigned(S.SSL.PeerCertificate));
  writeln('cert info: ', S.SSL.CertInfo);
end;

begin
  App := TApp.Create;
  App.Free;
end.
````

If I compile and run this on Ubuntu 22.04 LTS it outputs the following, because I cannot access the certificate inside the OnVerifyCertificate callback:

````
$ ./project1
begin connect
OnVerify
cert assigned: FALSE
cert info: 
end connect
````

Note that I can connect and transfer data without problems; I just have no means to verify the certificate anymore!

I saw a commit half a year ago that just changed the version number. It is only in the main branch, which means the current fpc release (even fixes) cannot use OpenSSL on Linux at all (quite a show stopper IMHO), but I suspect this simple patch was not enough.
If compiled for Windows with libcrypto-1_1-x64.dll and libssl-1_1-x64.dll in the same directory (I cannot test 1.1 on Linux, I don't have such an ancient distribution anymore), it outputs the following, which is what I expected to happen: I can access the certificate data from within OnVerifyCertificate just fine.

````
$ wine project1.exe
begin connect
OnVerify
cert assigned: TRUE
cert info: Certificate:
    Data:
        Version: 1 (0x0)
        Serial Number:
            7d:d3:9b:4f:dc:5b:f7:2d:0f:0c:04:7e:b8:f3:23:9e:c1:9b:b7:b7
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=United Kingdom, L=Derby, O=Mosquitto, OU=CA, CN=mosquitto.org/emailAddress=roger@atchoo.org
        Validity
            Not Before: Jun  9 11:21:56 2020 GMT
            Not After : Jun  6 11:21:56 2030 GMT
        Subject: C=GB, ST=United Kingdom, L=Derby, O=Mosquitto, OU=Public server, CN=test.mosquitto.org
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:84:b2:2d:99:6d:68:7c:06:9c:a7:f2:15:c9:
                    cb:37:c7:85:23:ae:18:d6:24:f1:7f:dd:3a:80:d8:
                    a9:1c:b3:b4:4a:09:a9:5d:3a:6d:48:8f:5d:79:e1:
                    8d:1a:23:1a:c3:25:8f:fc:2e:0f:44:ba:90:da:11:
                    e4:b8:67:68:c1:ca:2c:9b:a8:99:e9:65:3e:2c:7e:
                    8d:8e:b2:5c:48:53:b2:60:e2:74:f8:ad:bd:c1:f8:
                    d8:82:66:30:b1:dd:ee:e4:97:22:77:cf:b2:ba:b2:
                    1e:6b:a4:b6:3f:87:30:b7:e0:9b:c4:71:18:01:3e:
                    f4:fd:22:ee:bc:37:38:9e:55:93:38:e1:6b:de:dd:
                    99:2b:f8:65:a8:28:fc:e9:46:32:1e:7e:07:79:a9:
                    e5:2e:50:08:a1:a6:59:31:ea:9b:b9:3a:46:6f:ed:
                    a6:80:8d:5c:c9:43:eb:43:24:54:18:fc:02:5f:53:
                    bd:78:ea:85:f9:5c:e7:9c:3a:12:15:0c:69:d3:37:
                    0b:ce:1d:db:67:b7:8a:c6:77:17:5f:97:a6:3b:df:
                    7d:b3:d3:74:44:4b:91:67:79:6f:56:7a:6b:78:1c:
                    1c:ca:7c:1e:5b:b2:88:0a:0c:80:ec:ae:4e:d7:81:
                    c6:60:aa:7b:c7:40:5a:f7:38:77:17:b6:7f:c0:69:
                    4a:21
                Exponent: 65537 (0x10001)
    Signature Algorithm: sha256WithRSAEncryption
         ba:6f:99:ce:e1:29:21:6b:ba:e0:5c:4b:e2:96:fd:2c:1f:37:
         27:8f:df:97:6a:f7:78:4d:35:04:f0:ff:ec:7d:55:e7:b1:ec:
         df:5e:21:f7:1f:e4:d8:23:a9:16:7a:c1:db:bc:b4:6b:b8:0a:
         57:8f:c0:0b:6a:bf:34:82:9d:58:9d:63:f5:e6:c2:22:f5:43:
         8b:ae:60:d6:ed:11:84:a5:92:b4:95:b9:60:96:fd:c5:3a:21:
         89:de:7e:77:e2:70:24:ea:00:bf:90:18:64:5c:a7:95:62:42:
         a4:94:47:d4:0c:9b:e8:18:fa:85:a9:dd:9a:14:b9:ed:bd:d7:
         f9:b1:4d:a9:d6:0a:cf:ee:1d:80:d0:2a:ef:f1:ae:f9:7b:4f:
         d6:6b:96:a2:05:d4:7b:a1:95:92:88:64:3d:d6:6b:66:4a:f7:
         fb:61:b1:a4:27:07:bd:78:60:1e:a5:8a:93:e3:56:79:05:d6:
         3b:49:5f:e0:e3:f5:d7:15:21:13:30:6e:44:0a:99:70:71:b1:
         7e:18:e4:38:f4:85:89:1f:8e:86:93:20:75:93:d7:3f:ff:07:
         b9:42:75:66:4a:8f:b8:f1:35:7c:68:7c:d7:00:91:bf:f3:9b:
         83:80:58:0a:e9:ad:33:f2:06:3c:8e:de:8b:fd:e8:8d:ea:96:
         09:67:7d:a7
end connect
````
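A diagnostic worth running on the affected machine before chasing the fpc side (added here as an example; it is not part of the report and not fpc code): OpenSSL 3.0 renamed `SSL_get_peer_certificate()` to `SSL_get1_peer_certificate()` and kept the old name only as a C preprocessor macro, so a binding that resolves the old name at run time with `dlsym()`/`GetProcAddress` gets a NULL function pointer on a 3.x libssl while the same code works against 1.1. That this is what produces `PeerCertificate = nil` here is my assumption, not something the report establishes. The probe below loads the installed libssl via `ctypes`, checks which of the two names it exports, and reads the library's own version string via `OpenSSL_version()` (present since 1.1.0). The library lookup uses the platform search path; pass an explicit path to `probe()` to test a specific `.so`/`.dll`.

```python
"""Probe which peer-certificate accessor the installed libssl exports.

OpenSSL 1.1.x exports SSL_get_peer_certificate() as a real function.
OpenSSL 3.x exports SSL_get1_peer_certificate() instead; the old name is
only a macro in the C headers, so run-time symbol lookup of it fails.
"""
import ctypes
import ctypes.util

OLD_NAME = "SSL_get_peer_certificate"    # exported by libssl 1.1.x
NEW_NAME = "SSL_get1_peer_certificate"   # exported by libssl 3.x


def load_library(base, path=None):
    """Load libssl/libcrypto by explicit path or via the platform search path.

    Returns None when the library is not installed or cannot be loaded, so
    callers fail cleanly instead of raising.
    """
    name = path or ctypes.util.find_library(base)
    if not name:
        return None
    try:
        return ctypes.CDLL(name)
    except OSError:
        return None


def has_symbol(lib, name):
    """True if dlsym() on this handle resolves `name`.

    ctypes raises AttributeError for a symbol the library does not export,
    which is exactly the condition a dynamic binding sees as a nil pointer.
    """
    try:
        getattr(lib, name)
        return True
    except AttributeError:
        return False


def classify(old_present, new_present):
    """Map the two symbol probes to the OpenSSL generation they indicate."""
    if old_present and not new_present:
        return "1.1-style"
    if new_present and not old_present:
        return "3.x-style"
    if old_present and new_present:
        return "both"
    return "neither"


def openssl_version_text(crypto):
    """OpenSSL_version(OPENSSL_VERSION) as text, e.g. 'OpenSSL 3.0.2 15 Mar 2022'."""
    if crypto is None or not has_symbol(crypto, "OpenSSL_version"):
        return None
    fn = crypto.OpenSSL_version
    fn.restype = ctypes.c_char_p
    fn.argtypes = [ctypes.c_int]
    return fn(0).decode("ascii", "replace")   # 0 == OPENSSL_VERSION


def probe(ssl_path=None, crypto_path=None):
    """Describe the installed libssl.

    'layout' is one of '1.1-style', '3.x-style', 'both', 'neither' or
    'not-found' (no libssl could be loaded at all).
    """
    ssl_lib = load_library("ssl", ssl_path)
    if ssl_lib is None:
        return {"library": None, "version": None, "layout": "not-found"}
    old = has_symbol(ssl_lib, OLD_NAME)
    new = has_symbol(ssl_lib, NEW_NAME)
    return {
        "library": ssl_lib._name,
        "version": openssl_version_text(load_library("crypto", crypto_path)),
        "layout": classify(old, new),
    }


if __name__ == "__main__":
    info = probe()
    print(f"libssl: {info['library']}")
    print(f"version: {info['version']}")
    print(f"peer-certificate accessor layout: {info['layout']}")
    if info["layout"] == "3.x-style":
        print(f"{OLD_NAME} is not exported; a binding must resolve {NEW_NAME} instead")
```

On an Ubuntu 22.04 box with libssl3 this should report `3.x-style`; against the 1.1 DLLs used for the Windows run above it should report `1.1-style`. A fix on the binding side then has to look up the new name (falling back to the old one for 1.1), and any verify callback should treat a nil certificate as a failure rather than silently allowing the connection.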