gSOAP-如何使用SSL和自簽名證書

Question

我需要將跨平台程序連接到SOAP Web服務。 我已經編譯了gSOAP工具wsdl2h和soapcpp2，並使用這些工具從.wsdl文件生成了源代碼文件。 我在stdsoap2.h中放入了“ #define WITH_OPENSSL”定義，並以此方式使用了SSL。 問題是，當我致電服務時，呼叫返回錯誤30，這表示SSL錯誤，但我不知道真正的問題是什么。 我知道服務器會發送自簽名證書，因為這是一個測試環境。 確實，與此相關的錯誤消息已打印出來。 輸出為：

Creating SOAP objects ...
Calling SOAP httpAccessService:
SSL verify error or warning with certificate at depth 0: self signed certificate
certificate issuer /C=IT/ST=Milan/L=Milan/O=Company/OU=Company/CN=company.it
certificate subject /C=IT/ST=Milan/L=Milan/O=Company/OU=Company/CN=company.it
SOAP ERROR 30

我用來調用服務的函數是這樣的：

gSOAPTesting :: runTest（）{int result = 0; size_t requestSize; size_t responseSize;

char endpoint[1024];
char buffer[8192];

string SoapAction;
struct soap *soap_container; 

ApplicationConfigurationServiceSoapBindingProxy Proxy1;

_ns1__httpAccessService *httpAccessService;
_ns1__httpAccessServiceResponse *httpAccessServiceResponse;

printf("Creating SOAP objects ...\n");
soap_container = soap_new();
//soap_container->mode   
httpAccessService = (_ns1__httpAccessService *) soap_instantiate(soap_container , SOAP_TYPE___ns1__httpAccessService , "" , "" , &requestSize);
httpAccessServiceResponse = (_ns1__httpAccessServiceResponse *) soap_instantiate(soap_container , SOAP_TYPE___ns1__httpAccessService , "" , "" , &responseSize);

soap_ssl_init(); /* init OpenSSL (just once) */

if(soap_ssl_client_context(soap_container ,
SOAP_SSL_DEFAULT ,
NULL,
NULL,
NULL,
NULL,
NULL     
) != SOAP_OK)
{
   printf("SOAP SSL Initialization Failure\n");  
   soap_print_fault(soap_container , stderr);
   return ;
}  

printf("Calling SOAP httpAccessService:\n");

SoapAction.clear();
SoapAction.append(SOAP_NAMESPACE_OF_ns1);
SoapAction.append("/");
SoapAction.append("httpAccessService");    

result = Proxy1.httpAccessService("https://XXX.XXX.XXX.XXX:XXXX" , NULL , httpAccessService , httpAccessServiceResponse);

if(result == SOAP_OK)
{
    printf("SOAP OK\n");                         
}
else
{
    printf("SOAP ERROR %d\n" , result);

    if(soap_check_state(soap_container) ) printf("Error: request soap struct not initialized\n");

    if(httpAccessService->soap == NULL)
    {
        printf("Error: NULL request SOAP struct\n");   
        return;                          
    }

    if(httpAccessService->soap->endpoint == NULL) printf("Error: Empty request endpoint\n");

    soap_stream_fault(soap_container , std::cout);        
}    

}

任何幫助表示贊賞。

Answer 1

問題與自簽名的不受信任的證書有關。 如果我在stdsoap2.cpp中注釋這些行...

if (!ok)
{ soap_set_sender_error(soap, "SSL/TLS error", "SSL/TLS certificate host name mismatch in tcp_connect()", SOAP_SSL_ERROR);
  soap->fclosesocket(soap, sk);
  return SOAP_INVALID_SOCKET;
}

...即使該證書是由未知機構頒發的，也可以接受。

Answer 2

if（soap_ssl_client_context（＆soap，SOAP_SSL_NO_AUTHENTICATION，NULL，NULL，NULL，/ * ```````````````````````````````` NULL，NULL）！= SOAP_OK）{

如果您可以忽略主機，則可以執行上述操作，而不是在生成的文件中進行通訊