HTTPS request in C++ using Poco
I am trying to write a client app in C++ using Poco Libraries (version poco-1.4.6p1-all) and compiling in Visual Studio 2010, that sends an HTTPS request to a server that has a self-written certificate. I have an error because the certificate is not recognized:

First-chance exception at 0x76e8c41f in httprequest.exe: Microsoft C++ exception: Poco::Net::SSLException at memory location 0x0044ed38..

I have tried changing the verify functions written in the library (in X509Certificate.h) so that they always return true and rebuilt the library. Same error.

Here is the code:

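#include <iostream>
#include <string>
#include <vector>
#include "Poco/URI.h"
#include "Poco/SharedPtr.h"
#include "Poco/Net/Context.h"
#include "Poco/Net/SSLManager.h"
#include "Poco/Net/SSLException.h"
#include "Poco/Net/AcceptCertificateHandler.h"
#include "Poco/Net/HTTPSClientSession.h"
#include "Poco/Net/HTTPRequest.h"
#include "Poco/Net/HTTPResponse.h"
#include "Poco/Net/HTTPBasicCredentials.h"
#include "Poco/Net/HTTPCookie.h"

try{
    const Poco::URI uri("https://www.theServer.com");
    // Client-side TLS context: no client key or certificate, no CA location,
    // OpenSSL default CAs loaded (the "true" argument).
    Poco::Net::Context::Ptr context =
        new Poco::Net::Context(Poco::Net::Context::CLIENT_USE, "",
        "","",Poco::Net::Context::VERIFY_RELAXED,
        9, true, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");

    // AcceptCertificateHandler accepts every certificate, including one that fails verification.
    Poco::SharedPtr<Poco::Net::InvalidCertificateHandler> pAcceptCertHandler = new Poco::Net::AcceptCertificateHandler(true);
    Poco::Net::SSLManager::instance().initializeClient(NULL, pAcceptCertHandler, context);

    Poco::Net::HTTPSClientSession session(uri.getHost(), uri.getPort(), context );
    // Request the root path; a header value must not contain CR or LF.
    Poco::Net::HTTPRequest req(Poco::Net::HTTPRequest::HTTP_GET, "/" );
    req.setContentType("application/x-javascript; charset=utf-8");
    req.setKeepAlive(true);

    // HTTP Basic authentication header
    Poco::Net::HTTPBasicCredentials cred("[email protected]", "lala");
    cred.authenticate(req);
    session.sendRequest(req);
    Poco::Net::HTTPResponse res;
    std::istream& rs = session.receiveResponse(res);
    std::string resp;

    // Print the response status line and headers
    std::vector<Poco::Net::HTTPCookie> cookies;
    res.getCookies( cookies );
    res.write(std::cout);
}
catch( const Poco::Net::SSLException& e )
{
    std::cerr << e.what() << ": " << e.message() << std::endl;
}
catch( const std::exception& e )
{
    std::cerr << e.what() << std::endl;
}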

Thank you!

Talkative answered 19/8, 2013 at 13:49 Comment(2)
I realized that this exception is thrown regardless of the server I try to connect to. Could it be from an incorrect installation of OpenSSL? - Talkative
I found the answer. The problem was that I didn't actually get the certificate. It works like this: - Talkative
I found the answer. I wasn't really getting the certificate. It works like this:

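#include <iostream>
#include "Poco/Exception.h"
#include "Poco/SharedPtr.h"
#include "Poco/Net/SSLManager.h"
#include "Poco/Net/Context.h"
#include "Poco/Net/AcceptCertificateHandler.h"
#include "Poco/Net/SocketAddress.h"
#include "Poco/Net/SecureStreamSocket.h"
#include "Poco/Net/X509Certificate.h"

try{
    Poco::Net::initializeSSL();
    // AcceptCertificateHandler accepts every certificate, including one that fails verification.
    Poco::SharedPtr<Poco::Net::InvalidCertificateHandler> ptrHandler = new Poco::Net::AcceptCertificateHandler(false);
    Poco::Net::Context::Ptr ptrContext = new Poco::Net::Context(Poco::Net::Context::CLIENT_USE, "", "", "", Poco::Net::Context::VERIFY_RELAXED, 9, true, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
    Poco::Net::SSLManager::instance().initializeClient(0, ptrHandler, ptrContext);

    // Open a TLS connection and print the issuer of the certificate the server presents.
    Poco::Net::SocketAddress address("www.server.com:443");
    Poco::Net::SecureStreamSocket socket(address);
    if (socket.havePeerCertificate())
    {
        Poco::Net::X509Certificate cert = socket.peerCertificate();
        std::cout<<cert.issuerName()<<"\n";
    }
    else
    {
        std::cout<<"No certificate";
    }

}catch (Poco::Exception& e) {
    std::cout << "Error: " << e.displayText() << "\n";
    return -1;
}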
Talkative answered 20/8, 2013 at 11:48 Comment(2)
Is this not just bypassing the certificate by using an AcceptCertificateHandler (which always accepts certs, even when verification fails)? - Clerihew
Yes, at the time, we used this solution temporarily, since we had an issue with our certificates. - Talkative