OpenSSL生成HTTPS自签名证书 - 简书
1.Openssl
|----|------------------------------------------|--------------------------------------|
| | windows | ubuntu |
| 下载 | http://www.openssl.vip/download | |
| | 1.VS2019编译OpenSSL 2.VS2019编译第一个OpenSSL项目 | 1.ubuntu编译OpenSSL 3.0 2.编写第一个OpenSSL |
1.windows下编译OpenSSL
|---|-----------------------------------------------------------------------------|--------------|
| | | |
| | 安装vs2019 perl nasm | 安装activePerl |
| | 生成项目文件: perl Configure VC-WIN32 perl Configure VC-WIN64A --prefix=%cd%\out | |
| | 运行控制台: x64 Native Tools Command Prompt for VS 2019 | |
| | nmake | |
| | nmake install | |
2.第一个OpenSSLprj
2.1添加openssl 的bin、lib、include进项目
2.2修改属性
|---|----------------------------------------------------|---|
| | | |
| | C/C++->附加包含目录:..\openssl\include | |
| | 链接器->附加库目录:..\openssl\lib\x86 | |
| | 链接器->输入->附加依赖项:libcrypto.lib | |
| | 常规->输出目录:..\..\bin\x86 libcrypto.lib与生成文件同一个目录 | |
| | 常规->调试->工作目录->..\..\bin\x86 | |
相对路径说明:
点击文件显示所在文件夹路径:例如:
D:\C++-httpserver-json-redis\httpserver_json\httpserver_json\httpserver_jsonDlg.cpp
那么..\openssl\include就是
D:\C++-httpserver-json-redis\httpserver_json\httpserver_json\openssl
1.simplest https server
https://www.cnblogs.com/nightnine/p/12617620.html
1.1配置openssl|
环境配置:
1.1.1mongoose.c中配置OpenSSL ,在mongoose.c中,4474行后,增加
#pragma comment(lib,"libeay32MTd.lib")
#pragma comment(lib,"ssleay32MTd.lib")
编译过gmssl库(libcrypto.lib、libssl.lib)
1.1.2 项目工程配置OpenSSL的头文件
1.2开启SSL
修改mongoose.h
mongoose定义了MG_ENABLE_SSL宏来控制ssl功能的开启与关闭。修改mongoose.h头文件中MG_ENABLE_SSL的值为1,以开启SSL功能。
1.3code
服务器端:
cpp
#include "stdafx.h"
#include "stdafx.h"
#include "mongoose.h"
#include <string>
static const char *s_http_port = "8443";
static const char *s_ssl_cert = "server.crt";
static const char *s_ssl_key = "server.key";
static const char *s_ssl_ca = "ca.crt";
static struct mg_serve_http_opts s_http_server_opts;
static void ev_handler(struct mg_connection *conn, int ev, void *ev_data)
{
// 区分http和websocket
if (ev == MG_EV_HTTP_REQUEST)
{
http_message *hm = (http_message *)ev_data;
//(int)hm->message.len, hm->message.p 中存放客户端发过来的信息,包括post,Host(http地址),Content-Length(信息的长度),以及信息本身。
//通过 std::string url = std::string(hm->uri.p, hm->uri.len); 可以得到url
//通过 std::string body = std::string(hm->body.p, hm->body.len);可以得到body中 存储的从客户端发送过来的信息
std::string req_str = std::string(hm->message.p, hm->message.len);
printf("got request:\n%s\n", req_str.c_str());
//TODO. 请求处理
// eg. We have received an HTTP request. Parsed request is contained in `hm`.
// Send HTTP reply to the client which shows full original request.
mg_send_head(conn, 200, hm->message.len, "Content-Type: text/plain");
mg_printf(conn, "%.*s", (int)hm->message.len, hm->message.p);
//API函数mg_serve_http()可以轻松地从文件系统提供文件。 例如,为了创建一个从当前目录提供静态文件的Web服务器,实现如下处理:
//mg_serve_http(conn, hm, s_http_server_opts);
}
else if (ev == MG_EV_WEBSOCKET_HANDSHAKE_DONE ||
ev == MG_EV_WEBSOCKET_FRAME ||
ev == MG_EV_CLOSE)
{
websocket_message *ws_message = (struct websocket_message *)ev_data;
//TODO. 请求处理
}
}
int _tmain(int argc, _TCHAR* argv[])
{
//声明和初始化事件管理器, mg_mgr是拥有所有活动连接的事件管理器
struct mg_mgr mgr;
//mg_connection描述连接
struct mg_connection *nc;
struct mg_bind_opts bind_opts;
const char *err;
mg_mgr_init(&mgr, NULL);
/* Set HTTP server options */
memset(&bind_opts, 0, sizeof(bind_opts));
bind_opts.error_string = &err; //
bind_opts.ssl_cert = s_ssl_cert; //指定服务端证书
bind_opts.ssl_key = s_ssl_key; //指定服务端私钥
//bind_opts.ssl_ca_cert = s_ssl_ca; //提供了CA证书,表示需要验证客户端的证书
printf("Starting SSL server on port %s, cert from %s, key from %s\n", s_http_port, bind_opts.ssl_cert, bind_opts.ssl_key);
nc = mg_bind_opt(&mgr, s_http_port, ev_handler, bind_opts);
if (nc == NULL)
{
printf("Failed to create listener: %s\n", err);
getchar();
return 1;
}
// Set up HTTP server parameters, for both http and websocket
mg_set_protocol_http_websocket(nc);
s_http_server_opts.document_root = "."; // Serve current directory
s_http_server_opts.enable_directory_listing = "yes";
//通过调用循环创建一个事件mg_mgr_poll()循环:
for (;;) {
mg_mgr_poll(&mgr, 1000);
}
mg_mgr_free(&mgr);
return 0;
}