问题描述
我正在尝试使用 boost asio 作为 Rest API 的一部分连接到 https 服务器。但是,我可以得到它。服务器具有自签名证书。我禁用了验证,但随后在握手中显示“dh 密钥太小”。
这是我的代码:
#include <iostream>
#include <boost/asio.hpp>
#include <boost/bind.hpp>
#include <boost/lambda/bind.hpp>
#include <boost/lambda/lambda.hpp>
#include <boost/asio/ssl.hpp>
using namespace std;
using namespace boost;
int main(){
try{
asio::io_service ioService;
asio::ssl::context sslContext(asio::ssl::context::sslv23);
asio::ip::tcp::resolver resolver(ioService);
asio::ip::tcp::resolver::query query("201.175.33.14","9005");
asio::ip::tcp::resolver::iterator endpointIterator = resolver.resolve(query);
boost::asio::ssl::stream<boost::asio::ip::tcp::socket> socket(ioService,sslContext);
ioService.run();
// Enable SSL peer verification.
socket.set_verify_mode(asio::ssl::verify_none);
SSL_set_tlsext_host_name(socket.native_handle(),"201.175.33.14");
asio::connect(socket.lowest_layer(),endpointIterator);
//------------------------------
//here is where the program fails
socket.handshake(asio::ssl::stream_base::client);
//---------------------------
boost::asio::streambuf request;
std::ostream requestStream(&request);
requestStream << "GET / HTTP/1.0\r\n";
requestStream << "Host: 201.175.33.14\r\n";
requestStream << "Accept: */*\r\n";
requestStream << "Connection: close\r\n\r\n";
asio::write(socket,request);
}catch (std::exception& e)
{
std::cout << e.what();
}
}
输出为:
握手:dh 键太小
关于如何解决问题的任何想法???? 谢谢
解决方法
添加行
SSL_CTX_set_cipher_list(sslContext.native_handle(),"HIGH:!DH:!aNULL");
在连接之前为我解决了问题。