[C++] SSL_CTX_use_certificate_file求救!!!
一段简单的代码如下:
#define CA_CERT_PATH "./pem"
#define RSA_CLIENT_CERT "./pem/PushChatCert.pem"
#define RSA_CLIENT_KEY "./pem/PushChatKey.pem"
bool CAPNSClient::InitAPNSClient()
{
ReleaseConnection();
// 初始化 SSL 算法库函数,调用 SSL 系列函数之前必须调用此函数!
SSL_library_init();
// 加载 SSL 抽像库错误信息
SSL_load_error_strings();
// 加载 BIO 抽象库的错误信息
//ERR_load_BIO_strings();
// 加载所有加密和散列函数
OpenSSL_add_all_algorithms();
/* Create an SSL_METHOD structure 设置客户端使用的 SSL 协议算法*/
m_pMeth = TLS_client_method();
/* Create an SSL_CTX structure 创建 SSL 上下文*/
m_pCtx = SSL_CTX_new(m_pMeth);
if(NULL == m_pCtx)
{
ERRLOG("Could not get SSL Context");
return false;
}
/* Load the CA from the Path 加载可信任的 CA 证书(路径) */
if(0 == SSL_CTX_load_verify_locations(m_pCtx, NULL, CA_CERT_PATH))
{
/* Handle failed load here */
ERRLOG("Failed to set CA location:%s", ERR_error_string( ERR_get_error(), NULL ));
return false;
}
/* Load the client certificate into the SSL_CTX structure 加载客户端证书*/
if (0 == SSL_CTX_use_certificate_file(m_pCtx, RSA_CLIENT_CERT, SSL_FILETYPE_PEM))
{
ERRLOG("Cannot use Certificate File:%s", ERR_error_string( ERR_get_error(), NULL ));
return false;
}
SSL_CTX_set_default_passwd_cb_userdata(m_pCtx, (void*)"Memo_Server");
/* Load the private-key corresponding to the client certificate 加载客户端私钥文件*/
if (0 == SSL_CTX_use_PrivateKey_file(m_pCtx, RSA_CLIENT_KEY, SSL_FILETYPE_PEM))
{
ERRLOG("Cannot use Private Key:%s", ERR_error_string( ERR_get_error(), NULL ));
return false;
}
/* Check if the client certificate and private-key matches 验证私钥是否与证书一致*/
if (0 == SSL_CTX_check_private_key(m_pCtx))
{
ERRLOG("Private key does not match the certificate public key");
return false;
}
return true;
}
SSL_CTX_use_certificate_file报错:error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small
关键是我在镜像环境运行完全正常,移到主环境就出现此问题。两个环境的证书保证是一模一样的。网上完全搜不到此错误的描述。
快疯了,谁来帮帮我!多谢!!!