我正試圖在客戶端中實施證書驗證。 我總是收到SSL Exception: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed after 893ms
,我確定它是有效的,試圖通過這種方式獲取google.com並失敗。我正在使用RejectCertificateHandler,因爲文檔狀態如下:無法通過Poco驗證服務器證書
A RejectCertificateHandler is invoked whenever an error occurs verifying the certificate. It always rejects the certificate.
A AcceptCertificateHandler is invoked whenever an error occurs verifying the certificate. It always accepts the certificate. Should be using for testing purposes only.
我在做什麼錯?這裏是我的代碼:
Poco::SharedPtr<Poco::Net::InvalidCertificateHandler> pAcceptCertHandler = new Poco::Net::RejectCertificateHandler(true);
Poco::Net::Context::Ptr pContext = new Poco::Net::Context(Poco::Net::Context::CLIENT_USE, "", "", "", Poco::Net::Context::VERIFY_RELAXED, 9, false, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
Poco::Net::SSLManager::instance().initializeClient(NULL, pAcceptCertHandler, pContext);
Poco::Net::HTTPSClientSession session(uri.getHost(), uri.getPort(), pContext);
std::string path(uri.getPathAndQuery());
Poco::Net::HTTPRequest request(Poco::Net::HTTPRequest::HTTP_GET, path, Poco::Net::HTTPMessage::HTTP_1_1);
initializeHttpGetRequest(request);
session.sendRequest(request);
session.setKeepAlive(true);
Poco::Timespan timespan(0, 0, 10, 0, 0);
session.setKeepAliveTimeout(timespan);
Poco::Net::HTTPResponse res;
std::istream & is = session.receiveResponse(res);
responseCode = res.getStatus();
我建議,要麼inhering'InvalidCertificateHandler'向我們展示的輸出,或使用'ConsoleCertificateHandler'向我們展示了輸出。這會幫助我們回答你的問題。無論哪種方式,問題在於驗證,它可能是您使用的密碼列表。 – kobigurk
'警告:證書驗證失敗 ---------------------------------------- 頒發者名稱:/ C = IE/O = Baltimore/OU = CyberTrust/CN = Baltimore CyberTrust Root 使用者名稱:/ C = US/O = DigiCert Inc/OU = www.digicert.com/CN = DigiCert High Assurance EV Root CA ' 證書產生錯誤:無法獲取本地發行者證書 – Thunder
您可能沒有將Digicert作爲您計算機中的可信根權限。如果它是我們正在討論的Windows,請查看'certmgr.msc'。我相信這是你的問題。 – kobigurk