使用libcurl实现https服务器/客户端双验证
我用openssl制作了自签名证书,在linux下用nginx搭建了https双验证的服务器,并使用web浏览器测试可用,自签名证书也可用,但是使用libcurl写的双验证程序编译运行就提示签名证书的错误问题,是libcurl不支持自签名证书么?
curl_easy_setopt(curl, CURLOPT_URL, recbuf);
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, file_download);//当有数据被写入,回调函数被调用
curl_easy_setopt(curl, CURLOPT_WRITEDATA, stream); //设置文件流指针传递给回调函数
curl_easy_setopt(curl, CURLOPT_TIMEOUT, 120);
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1); //调试用
curl_easy_setopt(curl,CURLOPT_COOKIESESSION,1L);
curl_easy_setopt(curl,CURLOPT_COOKIEFILE,"/dev/null");
curl_easy_setopt(curl,CURLOPT_CAPATH,"/home/mywork/CS_load/");
curl_easy_setopt(curl,CURLOPT_CAINFO,"private.crt");
curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,1);
// curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,0L);
curl_easy_setopt(curl,CURLOPT_SSL_VERIFYHOST,2);
#if 1
/* 双向验证下面是客户端的CA*/
//curl_easy_setopt(curl,CURLOPT_CAPATH,"./");
curl_easy_setopt(curl,CURLOPT_SSLCERT,"client.pem");
curl_easy_setopt(curl,CURLOPT_SSLCERTPASSWD,"swear");
curl_easy_setopt(curl,CURLOPT_SSLCERTTYPE,"PEM");
curl_easy_setopt(curl,CURLOPT_SSLKEY,"client-key.pem");
curl_easy_setopt(curl,CURLOPT_SSLKEYPASSWD,"swear");
curl_easy_setopt(curl,CURLOPT_SSLKEYTYPE,"PEM");
#endif