OpenSSL 错误:error:1416D006:SSL routines:tls_process_key_exchange:EVP lib

时间:2019-06-25 06:36:02

标签: openssl

我们正在尝试与服务器代理建立 OpenSSL TLS 1.2 连接,并且该连接也充当客户端。连接服务器时,SSL_connect() 函数返回如下错误:`error:1416D006:SSL routines:tls_process_key_exchange:EVP lib`。请就此提出建议。

我们尝试使用OPENSSL命令s_client,并且通信成功完成。

代码-

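/*
 * Fragment of a TLS 1.2 client setup: create an SSL_CTX, load the client
 * certificate, private key and CA locations, require peer verification,
 * then run the handshake on the already-open descriptor RacalPort1.
 *
 * The enclosing function and the names LogStr, CertFile, KeyFile, CAFile,
 * CA_DIR, LogFileName, RacalPort1, FAILURE, ERROR_SSL and LogMesgInLogFile
 * are defined outside this snippet.
 */
SSL_CTX *ctxHSM1, *ctxHSM2;
SSL *sslHSM1, *sslHSM2;

const SSL_METHOD *method;
SSL_CTX *ctx;

OpenSSL_add_all_algorithms(); /* register ciphers and digests */
SSL_load_error_strings();     /* register human-readable error strings */

/*
 * Client method pinned to TLS 1.2. On OpenSSL 1.1.0 and later this call is
 * deprecated in favour of TLS_client_method() combined with
 * SSL_CTX_set_min_proto_version()/SSL_CTX_set_max_proto_version().
 */
method = TLSv1_2_client_method();
ctx = SSL_CTX_new(method); /* parameter is already const; no cast needed */

if (ctx == NULL) {
    ERR_print_errors_fp(stderr);
    abort();
}

/*
 * NOTE(review): the private-key passphrase is a string literal compiled into
 * the binary and visible in source control. Anyone who can read either one
 * can decrypt the key file. Load it at run time from a protected store
 * (restricted-permission file, secret manager, HSM-backed key) and rotate the
 * value published here.
 */
SSL_CTX_set_default_passwd_cb_userdata(ctx, "Pass123!@#");

/*
 * Bounded formatting: the three paths come from outside this snippet, so an
 * unbounded sprintf could write past LogStr. sizeof(LogStr) assumes LogStr is
 * an array, which the existing memset already relies on.
 */
memset(LogStr, 0x00, sizeof(LogStr));
snprintf(LogStr, sizeof(LogStr), "CertFile[%s]KeyFile[%s]CAFile[%s]", CertFile, KeyFile, CAFile);
LogMesgInLogFile(LogStr, IGNORE_ERROR, LOG_AND_RETURN, 0, LogFileName);

/* Load the local (client) certificate from CertFile. */
LogMesgInLogFile("INSIDE LOAD CER - CTX USE CERT", IGNORE_ERROR, LOG_AND_RETURN, 0, LogFileName);
if (SSL_CTX_use_certificate_file(ctx, CertFile, SSL_FILETYPE_PEM) <= 0) {
    ERROR_SSL();
    ERR_print_errors_fp(stderr);
    return(FAILURE);
}

/* Load the private key from KeyFile (may be the same file as CertFile). */
LogMesgInLogFile("INSIDE LOAD CER - CTX KEY FILE", IGNORE_ERROR, LOG_AND_RETURN, 0, LogFileName);
if (SSL_CTX_use_PrivateKey_file(ctx, KeyFile, SSL_FILETYPE_PEM) <= 0) {
    ERR_print_errors_fp(stderr);
    return(FAILURE);
}

/*
 * Confirm that the loaded private key matches the loaded certificate, so a
 * mismatch is reported here rather than as a handshake failure later.
 */
if (SSL_CTX_check_private_key(ctx) != 1) {
    ERR_print_errors_fp(stderr);
    return(FAILURE);
}

/* Trust anchors used to validate the server's certificate chain. */
LogMesgInLogFile("INSIDE LOAD CER - VERIFY CAFILE FILE", IGNORE_ERROR, LOG_AND_RETURN, 0, LogFileName);
if (SSL_CTX_load_verify_locations(ctx, CAFile, CA_DIR) < 1) {
    ERROR_SSL();
    LogMesgInLogFile("Error Settinf Verify Location", IGNORE_ERROR, LOG_AND_RETURN, 0, LogFileName);
    return(FAILURE);
}

/*
 * Require a valid server certificate chain. This does not verify the private
 * key, and it does not bind the certificate to the expected peer name: any
 * certificate chaining to CAFile/CA_DIR is accepted. If the peer has a known
 * name, also set it on the SSL object (SSL_set1_host() on OpenSSL 1.1.0+).
 */
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
ERROR_SSL();

/*
 * NOTE(review): every setting above was applied to `ctx`, but the SSL object
 * is created from `ctxHSM1`, which is never assigned in the visible code. If
 * no `ctxHSM1 = ctx;` exists outside the snippet, the pointer is
 * uninitialised here, or at best the handshake runs without the certificate,
 * key and verify settings. Confirm this first, since s_client works against
 * the same server.
 */
sslHSM1 = SSL_new(ctxHSM1);
if (sslHSM1 == NULL || SSL_set_fd(sslHSM1, RacalPort1) != 1) {
    ERR_print_errors_fp(stderr);
    ERROR_SSL();
    SSL_free(sslHSM1); /* no-op when SSL_new failed */
    sslHSM1 = NULL;
    return(FAILURE);
}

/*
 * SSL_connect() returns 1 only on a completed handshake. 0 is a controlled
 * handshake failure and must not be treated as success, so test <= 0 rather
 * than == -1.
 */
if (SSL_connect(sslHSM1) <= 0) {
    ERR_print_errors_fp(stderr);
    ERROR_SSL();
    LogMesgInLogFile("ERROR IN SSL HSM1 FED CONNECT", IGNORE_ERROR, LOG_AND_RETURN, 0, LogFileName);
    SSL_free(sslHSM1); /* release the failed session object */
    sslHSM1 = NULL;
    return(FAILURE);
}
else
    LogMesgInLogFile("SSL HSM1 AFTER CONNECT SUCCESSFULLY", IGNORE_ERROR, LOG_AND_RETURN, 0, LogFileName);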

0 个答案:

没有答案