使用客户端证书sslv3握手增强asio GET失败 [英] Boost asio GET with client certificate sslv3 hand shake failed
问题描述
我想做一个简单的C ++网站,类似于该curl命令所完成的工作.我可以通过boost使用asio.我必须使用Boost 1.49
I want to do a simple C++ web get similar to what is done by this curl command. I can use asio from boost. I must use boost 1.49
curl https://mysite.dev/api/v1/search?q=测试 -k --cert C:\ work \ testCert.pem
curl https://mysite.dev/api/v1/search?q=test -k --cert C:\work\testCert.pem
服务器需要客户端证书.
The server is requiring the client certificate.
我以这个示例为开始,并且我通过添加对类似上下文的调用来添加了修改
and I added modifications by adding calls to the context like
ctx.set_options(boost::asio::ssl::context::default_workarounds);
ctx.use_certificate_file("C:\\work\\testCert.pem", boost::asio::ssl::context_base::pem);
ctx.use_private_key_file("C:\\work\\testKey.pem", boost::asio::ssl::context_base::pem);
我的请求如下:
获取/api/v1/search?q = test HTTP/1.0
主机:mysite.dev
接受:*/*
GET /api/v1/search?q=test HTTP/1.0
Host: mysite.dev
Accept: */*
但是我一直收到这样的消息
but I keep getting messages like this
错误:sslv3警报握手失败
Error: sslv3 alert handshake failure
很明显,握手过程中我缺少一个步骤
clearly there is a step I am missing in the handshake process
推荐答案
解决方案是禁用SSLv3支持,显然大多数服务器由于设计缺陷而禁用了该功能.
The solution was to disable SSLv3 support, appartently most servers disable this because of design flaws.
ctx.set_options(boost::asio::ssl::context::default_workarounds |
boost::asio::ssl::context::no_sslv2 |
boost::asio::ssl::context::no_sslv3);
这篇关于使用客户端证书sslv3握手增强asio GET失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!