You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → Posts by mrdebug
Pages 1
Hi, I need to enable debug and altcertchains switch on building wolfssl with cmake.
Wich is the right command line?
Many thanks so, where I have to put this switch? In which file?
Perfect, and which is the way to enable
--enable-altcertchains
in wolfssl for esp32?
I have the same problem with client example provided with wolfssl sources.
I have downloaded tge google certificate with thos command line:
openssl s_client -showcerts -connect www.google.com:443 </dev/null | sed -n -e '/-.BEGIN/,/-.END/ p' > google.crtand if I execute the client with this command line
./examples/client/client -h www.google.com -p 443 -g -A google.crt -v 3I obtain the error
wolfSSL_connect error -188, ASN no signer error to confirm failure
wolfSSL error: wolfSSL_connect failed
Hi, I need to learn how to use wolfssl so, I have write a client to connect to a local server with a self signed certificate and it works.
Now I want to connect to a real server so I'm trying to connect to smtp.gmail.com but my client does not work. I obtain the error
wolfSSL_connect() Error!!!
Error: -188, ASN no signer error to confirm failureI have downloaded the certificate with this command line:
openssl s_client -showcerts -connect smtp.gmail.com:465 </dev/null | sed -n -e '/-.BEGIN/,/-.END/ p' > gmail.crtand this is my client. To start it please type:
./Test02 smtp.gmail.com 465 gmail.crt
Can anyone help me?
Best regards.
#include <QCoreApplication>
#include "QDebug"
#include <wolfssl/options.h>
#include <wolfssl/ssl.h>
int main(int argc, char *argv[]) {
QString RemoteServer;
QString Certificate;
int RemoteSocket= 0;
if (argc> 2) {
RemoteServer= argv[1];
RemoteSocket= QString(argv[2]).toInt();
Certificate= argv[3];
qDebug() << RemoteServer << RemoteSocket << Certificate;
}
wolfSSL_Debugging_ON();
int Result= wolfSSL_Init();
if (Result!= WOLFSSL_SUCCESS) printf("wolfSSL_Init() Error!!!\n");
else {
WOLFSSL_CTX *Context= wolfSSL_CTX_new(wolfTLS_client_method());
if (!Context) printf("wolfSSL_CTX_new() Error!!!\n");
else {
//Result = wolfSSL_CTX_UseSNI(Context, WOLFSSL_SNI_HOST_NAME, Certificate.toStdString().c_str(), Certificate.toStdString().size());
Result= wolfSSL_CTX_use_certificate_file(Context, Certificate.toStdString().c_str(), SSL_FILETYPE_PEM);
if (Result!= WOLFSSL_SUCCESS) printf("wolfSSL_CTX_use_certificate_file() Error!!!\n");
else {
if (Result!= WOLFSSL_SUCCESS) printf("wolfSSL_CTX_set_cipher_list() Error!!!\n");
else {
Result= wolfSSL_CTX_load_verify_locations(Context, Certificate.toStdString().c_str(), nullptr);
if (Result!= WOLFSSL_SUCCESS) printf("wolfSSL_CTX_load_verify_locations() Error!!!\n");
else {
struct hostent *he= gethostbyname(RemoteServer.toStdString().c_str());
if (!he) printf("gethostbyname() Error!!!\n");
else {
struct in_addr **addr_list= (struct in_addr**)he->h_addr_list;
if (!addr_list[0]) printf("addr_list Error!!!\n");
else {
struct sockaddr_in AddrCloud;
AddrCloud.sin_addr.s_addr= *(long*)(he->h_addr);
AddrCloud.sin_family= AF_INET;
AddrCloud.sin_port= htons(RemoteSocket);
int Socket= socket(AF_INET, SOCK_STREAM, IPPROTO_IP);
if (Socket< 0) printf("SocketClient Error!!!\n");
else {
//wolfSSL_CTX_set_verify(Context, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, nullptr);
WOLFSSL *ssl= wolfSSL_new(Context);
if (!ssl) printf("wolfSSL_new() Error!!!\n");
else {
Result= wolfSSL_set_fd(ssl, Socket);
if (Result!= WOLFSSL_SUCCESS) printf("wolfSSL_set_fd() Error!!!\n");
else {
Result= connect(Socket, (struct sockaddr*)&AddrCloud, sizeof(AddrCloud));
if (Result!= 0) printf("connect() Error!!!\n");
else {
printf("CLIENT_CONNECTION_OPEN, try to bring up ssl client layer...\n");
Result= wolfSSL_connect(ssl);
if (Result!= WOLFSSL_SUCCESS) {
printf("wolfSSL_connect() Error!!!\n");
Result= wolfSSL_get_error(ssl, Result);
char Buffer[128];
wolfSSL_ERR_error_string(Result, Buffer);
printf("Error: %d, %s\n", Result, Buffer);
} else {
printf("CLIENT_CONNECTION_OPEN, ssl client layer ok\n");
printf("SSL_get_version() %s\n", wolfSSL_get_version(ssl));
printf("SSL_get_cipher() %s\n", wolfSSL_get_cipher(ssl));
if (wolfSSL_get_peer_certificate(ssl)) {
Result= wolfSSL_get_verify_result(ssl);
if (Result== X509_V_OK) printf("Certiticate Verification Succeeded\n");
else if (Result== X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) printf("Certiticate X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT Error!!!\n");
else if (Result== X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) printf("X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN Error!!!\n");
else {
printf("Certiticate Verification Failed %d\n", Result);
}
}
char Buffer[]= "Hello world!!!\n";
Result= wolfSSL_write(ssl, Buffer, sizeof(Buffer));
if (Result!= sizeof(Buffer)) printf("wolfSSL_write() Error!!!\n");
else {
Result= wolfSSL_pending(ssl);
if (Result> 0) {
memset(Buffer, '0', sizeof(Buffer));
Result= wolfSSL_read(ssl, Buffer, sizeof(Buffer));
printf("%d, %s\n", Result, Buffer);
}
}
printf("ee1\n");
wolfSSL_shutdown(ssl);
printf("ee2\n");
}
}
}
wolfSSL_free(ssl);
}
shutdown(Socket, 0);
close(Socket);
}
}
}
}
}
}
wolfSSL_CTX_free(Context);
}
wolfSSL_Cleanup();
}
return 0;
}Pages 1
wolfSSL - Embedded SSL Library → Posts by mrdebug
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.017 seconds (96% PHP - 4% DB) with 5 queries