All geek questions in one place

How to use SSL in C ++ gSOAP generated classes

I need to use the gsoap library in C ++, and I need to use https. the documentation says how to work with HTTPS in C, but not in C ++ (http://www.cs.fsu.edu/~engelen/soapdoc2.html#tth_sEc19.20). in particular, I have a compilation error in the soap_ssl_init(); function soap_ssl_init(); . I looked through the / usr / lib / libgsoap * files and found the ligsoapssl ++ file. and contacted him. this error went away, but I get error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed . this means that I need to call soap_ssl_client_context func, but there are no generated classes in C ++. What should I do?

UPD: I solved this problem myself. but this is a bizarre, very bizarre way. gSOAP generates C ++ classes inherited from struct soap and contains the following attrs:

 BIO *bio; SSL *ssl; SSL_CTX *ctx; unsigned short ssl_flags; const char *keyfile; const char *password; const char *dhfile; const char *cafile; const char *capath; const char *crlfile; const char *randfile; SSL_SESSION *session;

therefore, we can independently set the necessary attributes (flags, parameters), as in the OpenSSL library. In the simple case, just call soap_ssl_init() once and set ssl_flags = SOAP_SSL_NO_AUTHENTICATION . it works for me. if someone knows a better way, I will be glad to see.

+6
source share
4 answers

I solved this problem myself. but this is a bizarre, very bizarre way. gSOAP generates C ++ classes inherited from struct soap , contains the following attrs:

 BIO *bio; SSL *ssl; SSL_CTX *ctx; unsigned short ssl_flags; const char *keyfile; const char *password; const char *dhfile; const char *cafile; const char *capath; const char *crlfile; const char *randfile; SSL_SESSION *session;

therefore, we can independently set the necessary attributes (flags, parameters), as in the OpenSSL library. In the simple case, just call soap_ssl_init() once and set ssl_flags = SOAP_SSL_NO_AUTHENTICATION . it works for me. if anyone knows a better way i will gla

0
source

This works for me:

 soap_ssl_client_context(m_proxy.soap, SOAP_SSL_NO_AUTHENTICATION, NULL, NULL, NULL, NULL, NULL);

where m_proxy is an instance of the client proxy generated using gSOAP:

 wsdl2h.exe -o MyWebservice.h ..\MyWebservice.wsdl soapcpp2.exe -IC:\gsoap-2.8\gsoap\import -j MyWebservice.h -C -1 -SL
+1
source

I used gsoap SSL support in my C ++ program and I had no problems. I compiled the source file stdsoap2.cpp (which comes with gsoap) with the -DWITH_OPENSSL directive (did you miss this?). I used the obj file and linked my program with it.

0
source

Today I had the same problem. I used Ubuntu 14.04 on VirtualBox and Gsoap 2.8.21.

I created C ++ proxy classes with the command:

 soapcpp2 -1 -I/opt/libraries/gsoap/build/2.8.21/share/gsoap/import -C -j temporary.h

In the first place, I used the above solution and set ssl_flags to SOAP_SSL_NO_AUTHENTICATION. Thanks to this error disappeared.

In addition, I noticed that when flags are changed to SOAP_TLSv1, it also fixes errors. The flag that causes headaches was SOAP_SSL_REQUIRE_SERVER_AUTHENTICATION, which is set by default to the SOAP_SSL_DEFAULT flag.

Everything seemed fine until I recompiled gsoap from the source with the -enable-debug flag. Shortly after I started to see something like:

SSL check error or warning with certificate to depth 1: Failed to get local issuer certificate

The best solution I have found so far is to download the cacerts.pem file from the gsoap site https://www.cs.fsu.edu/~engelen/cacerts.pem.zip and unzip them next to the executable file.

And of course, in your code you should have something similar to:

 soap *soap = soap_new(); soap->ssl_flags = SOAP_SSL_DEFAULT; soap_register_plugin(soap, soap_wsse); soap->cafile = "cacerts.pem";

Then all warnings and error messages disappear.

0
source

Source: https://habr.com/ru/post/890284/

More articles:


All Articles