similar question
My business is different. I wrote an SSL client using boost::asio::ssl, but currently does not have a server for testing, as it is being developed by another group. Thus, a real server accepts only simple TCP (insecure) connections. When I used my ssl client against the server, the lock handshake()hangs / never returns. I searched the network and realized that Mozilla had similar problems - it hung up when starting an SSL connection with a support server other than ssl, but their error was fixed. I will simply explain parts of my code to make sure there is no coding error:
in ctor:
SecuredConnectionPolicy<ThreadPolicy>::SecuredConnectionPolicy() :
m_sslContext(boost::asio::ssl::context::sslv23),
m_socket(m_ioService, m_sslContext)
{
}
then when my " connect(...)" is called :
m_sslContext.set_options(boost::asio::ssl::context::default_workarounds);
m_sslContext.set_verify_mode(
boost::asio::ssl::context::verify_none,
errorCode
);
if(!errorCode)
{
if(!errorCode)
{
m_sslContext.load_verify_file("newcert.pem", errorCode);
if(!errorCode)
{
m_socket.lowest_layer().connect(remoteEndpoint, errorCode);
if(!errorCode)
{
m_socket.handshake(boost::asio::ssl::stream_base::client, errorCode);
if(errorCode)
{
std::cerr << "Secured Connection Handshake Failed! " << errorCode.message() << std::endl;
}
}
else
{
std::cerr << "Secured Connection Failed! " << errorCode.message() << std::endl;
}
}
else
{
std::cerr << "Secured Connection loading certificate files from default paths Failed! " << errorCode.message() << std::endl;
}
}
else
{
std::cerr << "Registering Verification callback failed! " << errorCode.message() << std::endl;
}
}
else
{
std::cerr << "Secured Connection verify mode Failed! " << errorCode.message() << std::endl;
}
? - ?
verify_callback, , preverification, OpenSSL ( boost , OpenSSL) . , < 1 > ?
, , , : boost , ssl , ctor ssl::stream<tcp::socket>. , , ( ctor ), connect(). ssl:: stream ( , )?
( ), CA rootKey, CA PEM, , CA. CA - , load_verify_file(...).