开发者

Using libcurl & SSL

I've found th开发者_开发百科ere is really very little information around on this topic. I already have a dll making successful posts using libcurl.

I've compiled libcurl with openssl for ssl functionality.

Here is an exert of my original curl setup.

    curl_easy_setopt(handle, CURLOPT_ERRORBUFFER, errorBuffer);

    //curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER , 1);
    //curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST , 1);
    //curl_easy_setopt(curl, CURLOPT_CAINFO , "./ca.cert");

    curl_easy_setopt(handle, CURLOPT_POSTFIELDS, cParam); 
    curl_easy_setopt(handle, CURLOPT_POSTFIELDSIZE, strlen(cParam));
    curl_easy_setopt(handle, CURLOPT_FOLLOWLOCATION, 1);
    curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, Request::writer);   
    curl_easy_setopt(handle, CURLOPT_WRITEDATA, &buffer); 
    curl_easy_setopt(handle, CURLOPT_URL, cURL);

My question to those who've done this before, is it as easy as just adding those lines above to get SSL to work (as long as the certificate exists)? Or is it more complicated?

The funny thing is I'm not completely sure how SSL works. I've never worked with it before. Do I need to store a key in my application and send it with each request? Anyway my main question was the first. Thank you in advance.


Yes, it is that simple. Just make sure that the "ca.cert" file you have is a true CA cert that can verify your server's certificate.


All you need to do to use SSL with libcurl is give an https url instead of an http url. The only option you need to set with curl_easy_setopt is CURLOPT_URL, although it will just print the received data to stdout if you don't specify a write callback.

CURL *handle = curl_easy_init();
char url[] = "https://google.com";
curl_easy_setopt(handle, CURLOPT_URL, url);
curl_easy_perform(handle);


Make sure that when using CURLOPT_SSL_VERIFYHOST you set the actual value to 2L (which is the default) instead of 1 (as shown as a comment in that example), if you really want to check the hostname matches, otherwise it would just check for the existence of a "Common name" (CN) in the certificate.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜