Setting Up SSL - Initial steps
Question
I'm trying to convert my sockets program over to SSL. I'm just laying out the initial setup, and have come upon some run-time errors that I don't know how to resolve. Note: there is a file called 'my_server.pem' in the same directory as the c file.
Can anyone help me? Thanks!
#include <openssl/bio.h> // BIO objects for I/O
#include <openssl/ssl.h> // SSL and SSL_CTX for SSL connections
#include <openssl/err.h> // Error reporting
int main(int argc, char *argv[]) {
// data structures for SSL
BIO *bio;
SSL *ssl;
SSL_CTX *ctx;
// initialize openSSL
SSL_load_error_strings();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
// set up the SSL context
ctx = SSL_CTX_new(SSLv23_client_method());
if (ctx == NULL)
fprintf(stderr, "context is null\n");
// load the trust store
if (! SSL_CTX_load_verify_locations(ctx, "my_server.pem", NULL)) {
fprintf(stderr, "Error loading trust store\n");
ERR_print_errors_fp(stderr);
SSL_CTX_free(ctx);
return 0;
}
fprintf(stderr, "made it\n");
//...
return 0;
}
These are the error messages:
140735285130080:error:02001002:system library:fopen:No such file or directory:bss_file.c:169:fopen('my_server.pem','r')
140735285130080:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:172:
140735285130080:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:274:
2 answers
solution1
0 2013-12-08 04:14:16
From the error, it looks like it is unable to locate my_server.pem file. Even though it is in the same location of your C-code, it will be accessible to your program as it is by its name when it will be present in the working directory.
So, either move the file to working directory of the application or give a relative or absolute path to the file which points to this file.
To diagnose further, open your file with fopen in read mode and see the last error if it fails.
If your fopen is able to open the file, then there is some other problem.
solution2
0 2013-12-08 07:46:57
Try provide full path instead of "my_server.pem" example here .
Or alternatively, try put null instead of "my_server.pem" and put path to the directory instead of null refernce here .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.