microsoft / cpprestsdk

The C++ REST SDK is a Microsoft project for cloud-based client-server communication in native code using a modern asynchronous C++ API design. This project aims to help C++ developers connect to and interact with services.

is client certificate verify supported? #81

Open chnex opened 8 years ago

chnex commented 8 years ago

I was using the following code to add a server certificate to http_listener, and also tried to verify the certificate of external clients who are trying to connect to http_listener. The server certificate (lines 5, 6) works well, but as soon as I add line 7, the SSL handshake fails, i.e. at the client side I could see --> ClientHello, <-- ServerHello/Certificate/CertificateRequest, --> Certificate/ClientKeyExchange/CertificateVerify, then no response from the server, and TLS 1.2 Handshake Finished, with this error: 140279477085840:error:140790E5:SSL routines:ssl23_write:ssl handshake failure:s23_lib.c:177. Is this a known issue? Thanks.

  1. http_listener_config conf;
  2. conf.set_ssl_context_callback(
  3. [this](boost::asio::ssl::context &ctx) {
  4. ctx.set_options(boost::asio::ssl::context::default_workarounds);
  5. ctx.use_certificate_chain_file(this->CertPath);
  6. ctx.use_private_key_file(this->PkPath, boost::asio::ssl::context::pem);
  7. ctx.set_verify_mode(boost::asio::ssl::verify_peer | boost::asio::ssl::verify_fail_if_no_peer_cert);
  8. ctx.set_verify_callback(boost::bind(verifyCertCallback, _1, _2));
  9. });

venkata3903 commented 8 years ago

Hi Chnex,

I am also stuck at the same point, getting "Error in SSL handshake". Is it solved, or is there any workaround for client certificate validation?

If anyone is aware of this, please comment!

levuphuong commented 8 years ago

Hi venkata3903, you can bypass the error with this code snippet:

  http_client_config config;
  config.set_validate_certificates(false);
  http_client client(ip, config);

venkata3903 commented 8 years ago

Hi levuphuong,

Thanks for the info.

I did the same on the client side, but I want to validate the client certificate from the server. So I have used the following code on the server:

  http_listener_config server_config;
  server_config.set_ssl_context_callback([&](boost::asio::ssl::context& ctx) {
      ctx.set_verify_mode(boost::asio::ssl::verify_peer | boost::asio::ssl::verify_fail_if_no_peer_cert);
  });

Even if I use config.set_validate_certificates(false) on the client, by adding the above ctx.set_verify_mode on the server I get "Error in SSL handshake".

Thanks, Venkata3903