本文整理汇总了C++中SSL_CTX_use_certificate_file函数的典型用法代码示例。如果您正苦于以下问题:C++ SSL_CTX_use_certificate_file函数的具体用法?C++ SSL_CTX_use_certificate_file怎么用?C++ SSL_CTX_use_certificate_file使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了SSL_CTX_use_certificate_file函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: SSL_load_error_strings
bool SSLTCPSocket::initSSL(char* certPath, char* keyPath) {
SSL_load_error_strings();
SSL_library_init();
OpenSSL_add_all_algorithms();
serverContext = SSL_CTX_new(SSLv23_server_method());
SSL_CTX_set_options(serverContext, SSL_OP_SINGLE_DH_USE);
if (!SSL_CTX_use_certificate_file(serverContext, certPath, SSL_FILETYPE_PEM)) {
return false;
}
if (!SSL_CTX_use_PrivateKey_file(serverContext, keyPath, SSL_FILETYPE_PEM)) {
return false;
}
clientContext = SSL_CTX_new(SSLv23_client_method());
SSL_CTX_set_options(clientContext, SSL_OP_SINGLE_DH_USE);
return true;
}示例2: SSL_CTX_use_certificate_chain_file
int SslContext::setCertificateFile(const char *pFile, int type,
int chained)
{
int ret;
if (!pFile)
return 0;
::stat(pFile, &m_stCert);
if (init(m_iMethod))
return 0;
if (chained)
return SSL_CTX_use_certificate_chain_file(m_pCtx, pFile);
else
{
ret = loadCertFile(m_pCtx, pFile, type);
if (ret == -1)
return SSL_CTX_use_certificate_file(m_pCtx, pFile,
translateType(type));
return ret;
}
}示例3: vio_set_cert_stuff
static int
vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file, const char *key_file,
enum enum_ssl_init_error* error)
{
DBUG_ENTER("vio_set_cert_stuff");
DBUG_PRINT("enter", ("ctx: 0x%lx cert_file: %s key_file: %s",
(long) ctx, cert_file, key_file));
if (!cert_file && key_file)
cert_file= key_file;
if (!key_file && cert_file)
key_file= cert_file;
if (cert_file &&
SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) <= 0)
{
*error= SSL_INITERR_CERT;
DBUG_PRINT("error",("%s from file '%s'", sslGetErrString(*error), cert_file));
DBUG_EXECUTE("error", ERR_print_errors_fp(DBUG_FILE););示例4: SSL_CTX_new
void PosixSslServerSocket::loadCertificates( const std::string & certificateFile,
const std::string & keyFile ) {
SSL_CTX * sslContext;
int rc;
sslContext = SSL_CTX_new(SSLv3_server_method());
rc = SSL_CTX_load_verify_locations(sslContext,certificateFile.c_str(),keyFile.c_str());
if( rc <= 0 )
ERR_print_errors_fp(stdout);
rc = SSL_CTX_set_default_verify_paths(sslContext);
if( rc <= 0 )
ERR_print_errors_fp(stdout);
rc = SSL_CTX_use_certificate_file(sslContext,certificateFile.c_str(),SSL_FILETYPE_PEM);
if( rc <= 0 )
ERR_print_errors_fp(stdout);
rc = SSL_CTX_use_PrivateKey_file(sslContext,keyFile.c_str(),SSL_FILETYPE_PEM);
if( rc <= 0 )
ERR_print_errors_fp(stdout);
setSslContext(sslContext);
}示例5: loadCert
struct cert* loadCert(const char* cert, const char* key) {
const SSL_METHOD* method = SSLv23_method();
SSL_CTX* ctx = SSL_CTX_new(method);
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
if (SSL_CTX_use_certificate_file(ctx, cert, SSL_FILETYPE_PEM) < 0) {
return NULL;
}
if (SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM) < 0) {
return NULL;
}
if (!SSL_CTX_check_private_key(ctx)) {
return NULL;
}
struct cert* oc = xmalloc(sizeof(struct cert));
oc->isDummy = 0;
oc->ctx = ctx;
oc->certf = cert;
oc->key = key;
return oc;
}示例6: ssl_start_client
ssl_client * ssl_start_client(int fd, struct sockaddr * remote_addr){
ssl_ensure_initialized();
SSL_CTX * ctx = SSL_CTX_new(DTLSv1_client_method());
SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL:!MD5:!RC4");
if (!SSL_CTX_use_certificate_file(ctx, "certs/client-cert.pem", SSL_FILETYPE_PEM))
printf("\nERROR: no certificate found!");
if (!SSL_CTX_use_PrivateKey_file(ctx, "certs/client-key.pem", SSL_FILETYPE_PEM))
printf("\nERROR: no private key found!");
if (!SSL_CTX_check_private_key (ctx))
printf("\nERROR: invalid private key!");
SSL_CTX_set_verify_depth (ctx, 2);
SSL_CTX_set_read_ahead(ctx, 1);
SSL * ssl = SSL_new(ctx);
// Create BIO, connect and set to already connected.
BIO * bio = BIO_new_dgram(fd, BIO_CLOSE);
BIO_ctrl(bio, BIO_CTRL_DGRAM_SET_CONNECTED, 0, remote_addr);
SSL_set_bio(ssl, bio, bio);
int ret = SSL_connect(ssl);
if(ret < 0){
handle_ssl_error(ssl, ret);
}
{
struct timeval timeout;
timeout.tv_sec = 3;
timeout.tv_usec = 0;
BIO_ctrl(bio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
}
ssl_client * cli = alloc0(sizeof(ssl_client));
cli->ssl = ssl;
cli->ctx = ctx;
return cli;
}示例7: SSL_library_init
SSL_CTX *setup_tls()
{
SSL_CTX *tlsctx;
SSL_library_init();
SSL_load_error_strings();
tlsctx = SSL_CTX_new(TLSv1_server_method());
if (tlsctx == NULL){
#ifdef DEBUG
fprintf(stderr, "wss: SSL error: %s\n", ERR_error_string(ERR_get_error(), NULL));
#endif
return NULL;
}
#ifdef DEBUG
fprintf(stderr, "%s: tlsctx (%p)\n", __func__, tlsctx);
#endif
SSL_CTX_set_options(tlsctx, SSL_OP_SINGLE_DH_USE);
if (!SSL_CTX_use_certificate_file(tlsctx, TLS_CERT, SSL_FILETYPE_PEM)){
#ifdef DEBUG
fprintf(stderr, "%s: SSL error: %s\n", __func__, ERR_error_string(ERR_get_error(), NULL));
#endif
SSL_CTX_free(tlsctx);
return NULL;
}
if (!SSL_CTX_use_PrivateKey_file(tlsctx, TLS_KEY, SSL_FILETYPE_PEM)) {
#ifdef DEBUG
fprintf(stderr, "%s: SSL error: %s\n", __func__, ERR_error_string(ERR_get_error(), NULL));
#endif
SSL_CTX_free(tlsctx);
return NULL;
}
//SSL_CTX_set_session_cache_mode(tlsctx, SSL_SESS_CACHE_OFF);
return tlsctx;
}示例8: showError
bool
SecureSocket::loadCertificates(String& filename)
{
if (filename.empty()) {
showError("ssl certificate is not specified");
return false;
}
else {
std::ifstream file(filename.c_str());
bool exist = file.good();
file.close();
if (!exist) {
String errorMsg("ssl certificate doesn't exist: ");
errorMsg.append(filename);
showError(errorMsg.c_str());
return false;
}
}
int r = 0;
r = SSL_CTX_use_certificate_file(m_ssl->m_context, filename.c_str(), SSL_FILETYPE_PEM);
if (r <= 0) {
showError("could not use ssl certificate");
return false;
}
r = SSL_CTX_use_PrivateKey_file(m_ssl->m_context, filename.c_str(), SSL_FILETYPE_PEM);
if (r <= 0) {
showError("could not use ssl private key");
return false;
}
r = SSL_CTX_check_private_key(m_ssl->m_context);
if (!r) {
showError("could not verify ssl private key");
return false;
}
return true;
}示例9: init_ssl
int init_ssl(void)
{
SSL_METHOD *method;
SSL_library_init();
SSL_load_error_strings();
method = TLSv1_server_method();
if(method == NULL) {
syslog(LOG_ERR, "TLSv1_server_method() failed");
syslogsslerr();
return -1;
}
ssl_ctx = SSL_CTX_new(method);
if(ssl_ctx == NULL) {
syslog(LOG_ERR, "SSL_CTX_new() failed");
syslogsslerr();
return -1;
}
/* set the local certificate */
if(!SSL_CTX_use_certificate_file(ssl_ctx, HTTPS_CERTFILE, SSL_FILETYPE_PEM)) {
syslog(LOG_ERR, "SSL_CTX_use_certificate_file(%s) failed", HTTPS_CERTFILE);
syslogsslerr();
return -1;
}
/* set the private key */
if(!SSL_CTX_use_PrivateKey_file(ssl_ctx, HTTPS_KEYFILE, SSL_FILETYPE_PEM)) {
syslog(LOG_ERR, "SSL_CTX_use_PrivateKey_file(%s) failed", HTTPS_KEYFILE);
syslogsslerr();
return -1;
}
/* verify private key */
if(!SSL_CTX_check_private_key(ssl_ctx)) {
syslog(LOG_ERR, "SSL_CTX_check_private_key() failed");
syslogsslerr();
return -1;
}
/*SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE, verify_callback);*/
SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_NONE, verify_callback);
/*SSL_CTX_set_verify_depth(depth);*/
syslog(LOG_INFO, "using %s", SSLeay_version(SSLEAY_VERSION));
return 0;
}示例10: loadCertificates
void Network::loadCertificates() {
int out;
std::cout << "Loading Certificate:";
if ((out = SSL_CTX_use_certificate_file(sslContext, "/home/cameron/.heatSync/server.crt", SSL_FILETYPE_PEM)) != 1) { //todo: fix directory
std::cerr << "(" << __FILE__ << ":" << __LINE__ << ") SSL: " << ERR_error_string(out, NULL) << std::endl;
return;
}
std::cout << ".";
if ((out = SSL_CTX_use_PrivateKey_file(sslContext, "/home/cameron/.heatSync/server.key", SSL_FILETYPE_PEM)) != 1) {
std::cerr << "(" << __FILE__ << ":" << __LINE__ << ") SSL: " << ERR_error_string(out, NULL) << std::endl;
return;
}
std::cout << ".";
if (!(out = SSL_CTX_check_private_key(sslContext))) {
std::cerr << "(" << __FILE__ << ":" << __LINE__ << ") SSL: " << ERR_error_string(out, NULL) << std::endl;
return;
}
std::cout << ".";
std::cout << "Success" << std::endl;
}示例11: Java_com_wizzardo_epoll_EpollSSL_loadCertificates
JNIEXPORT void JNICALL Java_com_wizzardo_epoll_EpollSSL_loadCertificates(JNIEnv *env, jclass clazz, jlong sslContextPointer, jstring certFile, jstring keyFile){
SSL_CTX *ctx = (SSL_CTX *) sslContextPointer;
const char *CertFile = ((*env)->GetStringUTFChars(env, certFile, NULL));
const char *KeyFile = ((*env)->GetStringUTFChars(env, keyFile, NULL));
/* set the local certificate from CertFile */
if (SSL_CTX_use_certificate_file(ctx, CertFile, SSL_FILETYPE_PEM) <= 0) {
ERR_print_errors_fp(stderr);
throwException(env, strerror(errno));
}
/* set the private key from KeyFile (may be the same as CertFile) */
if (SSL_CTX_use_PrivateKey_file(ctx, KeyFile, SSL_FILETYPE_PEM) <= 0) {
ERR_print_errors_fp(stderr);
throwException(env, strerror(errno));
}
/* verify private key */
if (!SSL_CTX_check_private_key(ctx)) {
// fprintf(stderr, "Private key does not match the public certificate\n");
throwException(env, strerror(errno));
}
}示例12: setup_ssl
static int setup_ssl(const char *cert_file, const char *key_file)
{
SSL_load_error_strings();
SSL_library_init();
OpenSSL_add_all_algorithms();
accept_ctx.ssl_ctx = SSL_CTX_new(SSLv23_server_method());
SSL_CTX_set_options(accept_ctx.ssl_ctx, SSL_OP_NO_SSLv2);
/* load certificate and private key */
if (SSL_CTX_use_certificate_file(accept_ctx.ssl_ctx, cert_file, SSL_FILETYPE_PEM) != 1) {
fprintf(stderr, "an error occurred while trying to load server certificate file:%s\n", cert_file);
return -1;
}
if (SSL_CTX_use_PrivateKey_file(accept_ctx.ssl_ctx, key_file, SSL_FILETYPE_PEM) != 1) {
fprintf(stderr, "an error occurred while trying to load private key file:%s\n", key_file);
return -1;
}
return 0;
}示例13: LoadCertificates
void LoadCertificates(SSL_CTX* ctx, char* CertFile, char* KeyFile)
{
/* set the local certificate from CertFile */
if ( SSL_CTX_use_certificate_file(ctx, CertFile, SSL_FILETYPE_PEM) <= 0 )
{
ERR_print_errors_fp(stderr);
abort();
}
/* set the private key from KeyFile (may be the same as CertFile) */
if ( SSL_CTX_use_PrivateKey_file(ctx, KeyFile, SSL_FILETYPE_PEM) <= 0 )
{
ERR_print_errors_fp(stderr);
abort();
}
/* verify private key */
if ( !SSL_CTX_check_private_key(ctx) )
{
fprintf(stderr, "Private key does not match the public certificate\n");
abort();
}
}示例14: ssl_init
int ssl_init(void)
{
if (!prng_init()) {
Debug((DEBUG_NOTICE, "PRNG seeded"));
}
if ((bootopt & BOOT_TTY) && (bootopt & BOOT_DEBUG))
(void)fprintf(stderr, "ssl_init(): SSL_load_error_strings()\n" );
SSL_load_error_strings();
if ((bootopt & BOOT_TTY) && (bootopt & BOOT_DEBUG))
(void)fprintf(stderr, "ssl_init(): OpenSSL_add_ssl_algorythms()\n");
OpenSSL_add_ssl_algorithms();
if ((bootopt & BOOT_TTY) && (bootopt & BOOT_DEBUG))
(void)fprintf(stderr, "ssl_init(): SSL_CTX_new()\n");
ctx = SSL_CTX_new(SSLv23_server_method());
if (!ctx) {
Debug((DEBUG_ERROR, "CTX_new: %s", ERR_error_string(ERR_get_error(), NULL)));
return 0;
}
if ((bootopt & BOOT_TTY) && (bootopt & BOOT_DEBUG))
(void)fprintf(stderr, "ssl_init(): SSL_CTX_use_certificate_file()\n");
if (SSL_CTX_use_certificate_file(ctx,
IRCD_CRT, SSL_FILETYPE_PEM) <= 0) {
(void)disable_ssl(1);
return 0;
}
if ((bootopt & BOOT_TTY) && (bootopt & BOOT_DEBUG))
(void)fprintf(stderr, "ssl_init(): SSL_CTX_use_PrivateKey_file()\n");
if (SSL_CTX_use_PrivateKey_file(ctx,
IRCD_KEY, SSL_FILETYPE_PEM) <= 0) {
(void)disable_ssl(1);
return 0;
}
if ((bootopt & BOOT_TTY) && (bootopt & BOOT_DEBUG))
(void)fprintf(stderr, "ssl_init(): SSL_CTX_check_private_key()\n");
if (!SSL_CTX_check_private_key(ctx)) {
(void)disable_ssl(1);
return 0;
}
return 1;
}示例15: LoadCertificates
void LoadCertificates(SSL_CTX* ctx, char* CertFile, char* KeyFile)
{
/* set the local certificate from CertFile */
if ( SSL_CTX_use_certificate_file(ctx, CertFile, SSL_FILETYPE_PEM) <= 0 )
{
//ERR_print_errors_fp(stderr);
printf("The certificate is tampered ! Aborting now.\n");
exit(0);
//abort();
}
/* set the private key from KeyFile (may be the same as CertFile) */
if ( SSL_CTX_use_PrivateKey_file(ctx, KeyFile, SSL_FILETYPE_PEM) <= 0 )
{
//ERR_print_errors_fp(stderr);
printf("The key is tampered ! Aborting now.\n");
exit(0);
}
/* verify private key */
if ( !SSL_CTX_check_private_key(ctx) )
{
fprintf(stderr, "Private key does not match the public certificate\n");
exit(0);
}
if (!SSL_CTX_load_verify_locations(ctx,"/home/shagun/ca/certs/cacert.pem",NULL)) {
//ERR_print_errors(bio_err);
ERR_print_errors_fp(stderr);
exit(1);
}
/* Set to require peer (client) certificate verification */
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
/* Set the verification depth to 1 */
SSL_CTX_set_verify_depth(ctx,1);
}