(12175) Error in Server SSL Certificate

BIZ TMS Sparkle
1

I am using Sparkle THttpClient to call several customer APIs for integration.
The requests work fine with other customer API servers, but with one specific customer’s API I get the following error:

Could not perform WinHttp operation.
Error: (12175) Error in Server SSL Certificate
SSL Library internal error.

According to the customer, their server supports TLS 1.2 and TLS 1.3.

Below is the code I am currently using:

TWinHttpEngine(FClient.Engine).BeforeWinHttpSendRequest :=
  procedure(Handle: HINTERNET)
  var
    dwFlags: DWORD;
  begin
    dwFlags := SECURITY_FLAG_IGNORE_UNKNOWN_CA or
      SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE or
      SECURITY_FLAG_IGNORE_CERT_CN_INVALID or
      SECURITY_FLAG_IGNORE_CERT_DATE_INVALID;
    WinHttpCheck(WinHttpSetOption(
      Handle, WINHTTP_OPTION_SECURITY_FLAGS, @dwFlags, SizeOf(dwFlags)
    ));
  end;

TWinHttpEngine(FClient.Engine).BeforeWinHttpSendRequest :=
  procedure(Handle: HINTERNET)
  var
    dwFlags: DWORD;
  begin
    dwFlags := WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2;
    WinHttpCheck(WinHttpSetOption(
      Handle, WINHTTP_OPTION_SECURE_PROTOCOLS, @dwFlags, SizeOf(dwFlags)
    ));
  end;

FClient.OnSendingRequest :=
  procedure(Req: THttpRequest)
  begin
    Req.Headers.SetValue('content-type', 'application/json');
  end;

etc...
2

Why are you manually setting all those configuration options?
Does the error still happen if you simply remove all that?
Does the API can be reachable from your machine from clients different than WinHTTP? Like from the web browser, or from curl command-line?