how to fix "error in ssl handshake" in cpprestsdk?

Question

I'm using cpprestsdk "Casablanca" master branch with https url, it's working on both windows and osx but when i run it on linux i received "Error is ssl handshake"

C++ exception with description "Error in SSL handshake" thrown in the test body.

i tried to open this url using firefox it worked.

when i used it with http url it worked properly i checked the code i found this message in one file named "http_client_asio.cpp"

void write_request()
    {
        // Only perform handshake if a TLS connection and not being reused.
        if (m_connection->is_ssl() && !m_connection->is_reused())
        {
            const auto weakCtx = std::weak_ptr<asio_context>(shared_from_this());
            m_connection->async_handshake(boost::asio::ssl::stream_base::client,
                                          m_http_client->client_config(),
                                          m_http_client->base_uri().host(),
                                          boost::bind(&asio_context::handle_handshake, shared_from_this(), boost::asio::placeholders::error),

                                          // Use a weak_ptr since the verify_callback is stored until the connection is destroyed.
                                          // This avoids creating a circular reference since we pool connection objects.
                                          [weakCtx](bool preverified, boost::asio::ssl::verify_context &verify_context)
                                          {
                                              auto this_request = weakCtx.lock();
                                              if(this_request)
                                              {
                                                  return this_request->handle_cert_verification(preverified, verify_context);
                                              }
                                              return false;
                                          });
        }
        else
        {
            m_connection->async_write(m_body_buf, boost::bind(&asio_context::handle_write_headers, shared_from_this(), boost::asio::placeholders::error));
        }
    }

    void handle_handshake(const boost::system::error_code& ec)
    {
        if (!ec)
        {
            m_connection->async_write(m_body_buf, boost::bind(&asio_context::handle_write_headers, shared_from_this(), boost::asio::placeholders::error));
        }
        else
        {
            report_error("Error in SSL handshake", ec, httpclient_errorcode_context::handshake);
        }
    }

in the client side i craeted http client like this

http_client client(U("https://www.bing.com/"));

how can i fix this error ?

Answer 1

I've had the same problem when trying to connect to an https URL.

First, if you don't need to connect to https, you could just replace your url to a http one.

Another solution is to set your http_client_config credentials validation to false. Something like this:

    http_client_config config;
    config.set_validate_certificates(false);

But if you need to make a https connections with security included, you must include your local certificate file (generally a CRT, or DEM file) and set it as a callback in your http_client config:

    http_client_config config;
    config.set_ssl_context_callback([]((boost::asio::ssl::context &ctx) {
        ctx.load_verify_file("PATH_TO_CERTIFICATE_FILE");
    });

You could see more about these functions here:

https://microsoft.github.io/cpprestsdk/classweb_1_1http_1_1client_1_1http__client__config.html