客户端拒绝服务器证书
[英]client rejecting server certificate
问题描述
I am new to HTTPS/SSL.
我是 HTTPS/SSL 的新手。 I need to write a HTTPS client which will reject all the connection by saying unknown CA.我需要编写一个 HTTPS 客户端,它会通过说未知 CA 来拒绝所有连接。 As I understand (through wireshark capture) during SSL connection, first client will send the 'client hello' message.据我了解(通过wireshark捕获)在SSL连接期间,第一个客户端将发送“客户端问候”消息。 In reply to this server will send message with three record - 'server hello', certificate, 'server hello done'.作为对此服务器的回复,将发送带有三个记录的消息 - 'server hello'、certificate、'server hello done'。
What I am trying to achieve here is when the server will send certificate, client should always reject it.我在这里想要实现的是当服务器发送证书时,客户端应该总是拒绝它。
I am trying to achieve it with following code but no luck.我正在尝试使用以下代码来实现它,但没有运气。
How can I get LWP to validate SSL server certificates? 如何让 LWP 验证 SSL 服务器证书?
It's ok if solution is in some other language.如果解决方案是其他语言,那也没关系。
1 个解决方案
解决方案1
0 已采纳 2011-07-08 07:08:41
It should be enough to do the connection with no (or dummy) CA certificates known to the client.在客户端不知道(或虚拟)CA 证书的情况下进行连接就足够了。 Have you tried setting SSL_ca_path and SSL_ca_file to dummy values?您是否尝试将SSL_ca_path和SSL_ca_file设置为虚拟值?
Edit:编辑:
If any language goes, why not try openssl s s_client ?如果有任何语言,为什么不尝试openssl s s_client ?
openssl s_client -connect www.stackoverflow.com:443
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.