Click here to Skip to main content
16,017,788 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
Hello, I created an API in C++ using Poco Libraries.
I also have a http request client that can perform requests on the server API.
Both the API and the client are standalone programs running on the same machine Ubuntu.
However, when I try to do a request from the client with some certificate validations, I get an error.

Bellow is my code for the running part of the server

//X509Certificate
    Poco::Net::Context::Ptr context = new Poco::Net::Context(Poco::Net::Context::SERVER_USE, "private2.key", "certificate.crt", "", Poco::Net::Context::VERIFY_RELAXED, 9, false, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
    Poco::Net::initializeSSL();
    Poco::Net::SecureServerSocket svs(Poco::UInt16(port), 4, context);

    auto * httpServerParams = new Poco::Net::HTTPServerParams();

    httpServerParams->setMaxQueued(250);
    httpServerParams->setMaxThreads(50);

    Poco::Net::HTTPServer httpServer(getRouter(), svs, httpServerParams);

    std::cout << "Poco Restful Web Service started and running." << std::endl;
    std::cout << "Type http://" << endpoint << ":" << port << " to use it or ";
    std::cout << "type CRLT+C to finish it." << std::endl;

    httpServer.start();
    waitForTerminationRequest();
    httpServer.stop();

    std::cout << "\nPoco Restful Web Service stopped. \nGoodbye." << std::endl;
    return Poco::Util::Application::EXIT_OK;


Bellow is the code for my client http request

#include <Poco/Net/HTTPClientSession.h>
#include <Poco/Net/HTTPSClientSession.h>
#include <Poco/Net/HTTPRequest.h>
#include <Poco/Net/HTTPResponse.h>
#include <Poco/Net/HTTPBasicCredentials.h>
#include <Poco/Net/SSLManager.h>
#include <Poco/Path.h>
#include <Poco/URI.h>
#include <Poco/JSON/Object.h>
#include <Poco/Net/X509Certificate.h>
#include <Poco/Net/Context.h>
#include <Poco/Net/SSLException.h>
#include <iostream>
#include <string>

using namespace Poco::Net;
using namespace Poco;
using namespace std;

int main()
{
    Poco::Net::initializeSSL();

    // prepare session
    Poco::URI uri("https://localhost:9090/postRequest");

    // create request
    Poco::Net::HTTPRequest req(HTTPRequest::HTTP_POST, uri.getPathAndQuery(),HTTPRequest::HTTP_1_1);

    Poco::JSON::Object object1(Poco::JSON_PRESERVE_KEY_ORDER); // Creating object to preserve the insertion order
	object1.set("name", "John"); // adding a key-value pair
	object1.set("city", "Rome");

    std::stringstream ss; 
    object1.stringify(ss);

    req.setContentType("application/json");
    req.setContentLength(ss.str().size());    

    //Certificate
    X509Certificate x590certificate("certificate.crt");

    Context::Ptr context = new Poco::Net::Context(Context::CLIENT_USE, "private2.key", "certificate.crt", "", Context::VERIFY_RELAXED, 9, false, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
    //Context::Ptr context = SSLManager::instance().defaultClientContext();

    // send request
    try {
        Poco::Net::initializeSSL();
        Poco::Net::HTTPSClientSession session(uri.getHost(), uri.getPort(), context);
        std::ostream& myOStream = session.sendRequest(req);
        object1.stringify(myOStream);

        // get response
        Poco::Net::HTTPResponse res;
        session.receiveResponse(res);
        std::cout <<  "Response Status = " << res.getStatus() << std::endl;    
        std::cout <<  "Response Reason = " << res.getReason() << std::endl;

    Poco::Net::uninitializeSSL();
    } catch (const Poco::Net::SSLException& ex) {
        std::cerr << "SSL Exception: " << ex.what() << std::endl;
    }
    
    
    return 0;

}


I generated the public key and certificate using OpenSSL with the following commands in the client's folder:

openssl genrsa -aes128 -out private.key 2048
openssl rsa -in private.key -out private2.key
openssl req -new -days 365 -key private2.key -out request.csr -config openssl.cnf
openssl x509 -req -in request.csr -out certificate.crt -signkey private2.key -days 365 -extensions v3_req -extfile openssl.cnf


Afterwhich I copied the private2.key and certificate.crt into the server's folder.

Both the client and server API are being run from the VS CODE IDE for Ubuntu.

The server runs, however when I want to run the client the following error appears:
SSL Exception: SSL Exception


Any help regarding this would be very much appreciated.

What I have tried:

I tried debugging and looking of what kind of ssl exception it is, but no further details are being presented. Only that error. Apparently, it appears exactly after executing the line std::ostream& myOStream = session.sendRequest(req) from the client.
Posted
Comments
Richard MacCutchan 2-Aug-23 6:40am    
You need to catch the exception and get the actual details from it. As it stands it is not possible to guess what the cause is.
MrJay994 2-Aug-23 7:13am    
Yes, I agree, as you can see I tried doing that in the client with the try catch block

try {
Poco::Net::initializeSSL();
Poco::Net::HTTPSClientSession session(uri.getHost(), uri.getPort(), context);
std::ostream& myOStream = session.sendRequest(req);
object1.stringify(myOStream);

// get response
Poco::Net::HTTPResponse res;
session.receiveResponse(res);
std::cout << "Response Status = " << res.getStatus() << std::endl;
std::cout << "Response Reason = " << res.getReason() << std::endl;

Poco::Net::uninitializeSSL();
} catch (const Poco::Net::SSLException& ex) {
std::cerr << "SSL Exception: " << ex.what() << std::endl;
}

with std::cerr << "SSL Exception: " << ex.what() << std::endl; in the catch block

But appareantly only SSL Exception: SSL Exception is being provided :(.
Richard MacCutchan 2-Aug-23 7:44am    
Then you will need to use the debugger to find out what is going on; no one here can do it for you. See also Class Poco::Net::SSLException[^].
MrJay994 2-Aug-23 7:54am    
I did another try catch block and caught this:

error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900