我认为这可以通过openssl完成,但没有任何方法可以做到吗?
如果使用以下代码连接到具有隐式SSL的端口(例如,smtp.gmail.com,端口465),我可以获得证书没问题。
// Convert the server name to a wide string
USES_CONVERSION;
LPWSTR lpServerName = A2W(szServer);
BOOL bResults = FALSE;
HINTERNET hSession = NULL, hConnect = NULL, hRequest = NULL;
hSession = WinHttpOpen( L"my app",
WINHTTP_ACCESS_TYPE_DEFAULT_PROXY,
WINHTTP_NO_PROXY_NAME,
WINHTTP_NO_PROXY_BYPASS, 0 );
if( hSession )
hConnect = WinHttpConnect( hSession,
lpServerName,
PortNum, 0 );
if( hConnect )
hRequest = WinHttpOpenRequest( hConnect, L"GET",
NULL,
NULL, WINHTTP_NO_REFERER,
WINHTTP_DEFAULT_ACCEPT_TYPES,
WINHTTP_FLAG_SECURE );
if( hRequest )
bResults = WinHttpSendRequest( hRequest,
WINHTTP_NO_ADDITIONAL_HEADERS, 0,
WINHTTP_NO_REQUEST_DATA, 0,
0, 0 );
if(hRequest)
{
// Okay, the connection and request succeeded, now try to get the certificate chain
PCCERT_CONTEXT pCert=NULL;
DWORD dwSize = sizeof(pCert);
BOOL res = WinHttpQueryOption(hRequest,
WINHTTP_OPTION_SERVER_CERT_CONTEXT,
&pCert,
&dwSize);
if (res)
{
// Do stuff
}
}