Hello, I created an API in C++ using Poco Libraries.
I also have a http request client that can perform requests on the server API.
Both the API and the client are standalone programs running on the same machine Ubuntu.
However, when I try to do a request from the client with some certificate validations, I get an error.
Bellow is my code for the running part of the server
Poco::Net::Context::Ptr context = new Poco::Net::Context(Poco::Net::Context::SERVER_USE, "private2.key", "certificate.crt", "", Poco::Net::Context::VERIFY_RELAXED, 9, false, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
Poco::Net::initializeSSL();
Poco::Net::SecureServerSocket svs(Poco::UInt16(port), 4, context);
auto * httpServerParams = new Poco::Net::HTTPServerParams();
httpServerParams->setMaxQueued(250);
httpServerParams->setMaxThreads(50);
Poco::Net::HTTPServer httpServer(getRouter(), svs, httpServerParams);
std::cout << "Poco Restful Web Service started and running." << std::endl;
std::cout << "Type http://" << endpoint << ":" << port << " to use it or ";
std::cout << "type CRLT+C to finish it." << std::endl;
httpServer.start();
waitForTerminationRequest();
httpServer.stop();
std::cout << "\nPoco Restful Web Service stopped. \nGoodbye." << std::endl;
return Poco::Util::Application::EXIT_OK;
Bellow is the code for my client http request
#include <Poco/Net/HTTPClientSession.h>
#include <Poco/Net/HTTPSClientSession.h>
#include <Poco/Net/HTTPRequest.h>
#include <Poco/Net/HTTPResponse.h>
#include <Poco/Net/HTTPBasicCredentials.h>
#include <Poco/Net/SSLManager.h>
#include <Poco/Path.h>
#include <Poco/URI.h>
#include <Poco/JSON/Object.h>
#include <Poco/Net/X509Certificate.h>
#include <Poco/Net/Context.h>
#include <Poco/Net/SSLException.h>
#include <iostream>
#include <string>
using namespace Poco::Net;
using namespace Poco;
using namespace std;
int main()
{
Poco::Net::initializeSSL();
Poco::URI uri("https://localhost:9090/postRequest");
Poco::Net::HTTPRequest req(HTTPRequest::HTTP_POST, uri.getPathAndQuery(),HTTPRequest::HTTP_1_1);
Poco::JSON::Object object1(Poco::JSON_PRESERVE_KEY_ORDER);
object1.set("name", "John");
object1.set("city", "Rome");
std::stringstream ss;
object1.stringify(ss);
req.setContentType("application/json");
req.setContentLength(ss.str().size());
X509Certificate x590certificate("certificate.crt");
Context::Ptr context = new Poco::Net::Context(Context::CLIENT_USE, "private2.key", "certificate.crt", "", Context::VERIFY_RELAXED, 9, false, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
try {
Poco::Net::initializeSSL();
Poco::Net::HTTPSClientSession session(uri.getHost(), uri.getPort(), context);
std::ostream& myOStream = session.sendRequest(req);
object1.stringify(myOStream);
Poco::Net::HTTPResponse res;
session.receiveResponse(res);
std::cout << "Response Status = " << res.getStatus() << std::endl;
std::cout << "Response Reason = " << res.getReason() << std::endl;
Poco::Net::uninitializeSSL();
} catch (const Poco::Net::SSLException& ex) {
std::cerr << "SSL Exception: " << ex.what() << std::endl;
}
return 0;
}
I generated the public key and certificate using OpenSSL with the following commands in the client's folder:
openssl genrsa -aes128 -out private.key 2048
openssl rsa -in private.key -out private2.key
openssl req -new -days 365 -key private2.key -out request.csr -config openssl.cnf
openssl x509 -req -in request.csr -out certificate.crt -signkey private2.key -days 365 -extensions v3_req -extfile openssl.cnf
Afterwhich I copied the private2.key and certificate.crt into the server's folder.
Both the client and server API are being run from the VS CODE IDE for Ubuntu.
The server runs, however when I want to run the client the following error appears:
SSL Exception: SSL Exception
Any help regarding this would be very much appreciated.
What I have tried:
I tried debugging and looking of what kind of ssl exception it is, but no further details are being presented. Only that error. Apparently, it appears exactly after executing the line std::ostream& myOStream = session.sendRequest(req) from the client.