aj3423

Reputation: 2541

https server using boost::asio (pion library) complains "no shared cipher"

I'm using the pion network library to write an HTTP(S) server; pion is a wrapper for boost::asio. I need the server to support both HTTP and HTTPS. The HTTP part is done with:

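#include <boost/bind.hpp>   // boost::bind and the _1, _2 placeholders
#include <windows.h>        // Sleep()
#include "pion/http/server.hpp"
#include "pion/http/response_writer.hpp"
using namespace pion;
using namespace pion::http;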

struct fake_server {  
    void start() {
        m_server = pion::http::server_ptr(new pion::http::server(80));  
        m_server->add_resource("/", boost::bind(&fake_server::handle_request, this, _1, _2));  
        m_server->start();  
    }

    void handle_request(http::request_ptr& _httpRequest, tcp::connection_ptr& _tcpConn) {
        http::response_writer_ptr writer(  
            http::response_writer::create(  
                _tcpConn,
                *_httpRequest,
                boost::bind(&tcp::connection::finish, _tcpConn)));  
        http::response& r = writer->get_response();  
        writer->write("hello world");  
        writer->send();  
    }

    pion::http::server_ptr m_server;  
};  

int main() {

    fake_server svr;
    svr.start();

    while(1) {
        Sleep(0);
    }
}

But I don't know how to handle HTTPS. I tried setting the port to 443 and setting the SSL flag with:

    void start() {
        m_server = pion::http::server_ptr(new pion::http::server(443)); // 443
        m_server->set_ssl_flag(true); // ssl flag
        m_server->add_resource("/", boost::bind(&fake_server::handle_request, this, _1, _2));  
        m_server->start();  
    }

It doesn't work; I got the error "no shared cipher". I googled this error and found some solutions that use openssl to generate certificate pairs and then load these pairs in the server/client, but my client application is a web browser, and the browser won't use these generated certificates.

Any idea?

Thanks.

Upvotes: 0

Views: 1003

Answers (1)

rhashimoto

Reputation: 15841

You need to provide an SSL certificate and key the server will use to negotiate the secure connection. This would be done with:

m_server->set_ssl_key_file(pem_filename);

where pem_filename is the name of a PEM-formatted file containing both an SSL certificate and key. The key must not be encrypted. There are numerous internet tutorials that tell you how to create a self-signed certificate if you don't already have one from a trusted certificate authority. If you have a key and certificate in separate files, then simply concatenate them into a single file.

No prior certificate/key configuration is necessary on the client side (in this case), but note that using a self-signed certificate (or any certificate not signed by a trusted certificate authority) will generate a security warning on most web browsers.

Upvotes: 2
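
A pre-flight check for the combined PEM file described in the answer above, as an added example that is not part of the original answer or of pion: it reports whether the text holds a certificate, a private key, and whether that key is encrypted, so a bad bundle is caught before its path is passed to set_ssl_key_file. The names PemReport, ends_with and inspect_pem are hypothetical, and the sample PEM bodies are constructed placeholders.

```cpp
#include <iostream>
#include <sstream>
#include <string>

// What a PEM bundle destined for set_ssl_key_file() contains.
struct PemReport {
    bool has_certificate = false;  // a CERTIFICATE block is present
    bool has_private_key = false;  // any "... PRIVATE KEY" block is present
    bool key_encrypted = false;    // PKCS#8 encrypted label or legacy Proc-Type header
    bool usable() const { return has_certificate && has_private_key && !key_encrypted; }
};

static bool ends_with(const std::string& s, const std::string& suffix) {
    return s.size() >= suffix.size() &&
           s.compare(s.size() - suffix.size(), suffix.size(), suffix) == 0;
}

// Hypothetical helper (not part of pion): classify the PEM blocks in `text`.
PemReport inspect_pem(const std::string& text) {
    const std::string begin = "-----BEGIN ", dashes = "-----";
    PemReport r;
    std::istringstream in(text);
    std::string line;
    while (std::getline(in, line)) {
        if (!line.empty() && line.back() == '\r') line.pop_back();  // tolerate CRLF files
        if (line.rfind("Proc-Type:", 0) == 0 && ends_with(line, "ENCRYPTED"))
            r.key_encrypted = true;  // traditional OpenSSL passphrase-protected key
        if (line.rfind(begin, 0) != 0 || !ends_with(line, dashes)) continue;
        if (line.size() < begin.size() + dashes.size()) continue;
        const std::string label =
            line.substr(begin.size(), line.size() - begin.size() - dashes.size());
        if (label == "CERTIFICATE") r.has_certificate = true;
        if (ends_with(label, "PRIVATE KEY")) r.has_private_key = true;
        if (label == "ENCRYPTED PRIVATE KEY") r.key_encrypted = true;
    }
    return r;
}

// Constructed sample inputs: the base64 bodies are placeholders, not real keys.
const std::string kCert = "-----BEGIN CERTIFICATE-----\nQ09OU1RSVUNURUQ=\n-----END CERTIFICATE-----\n";
const std::string kKey = "-----BEGIN PRIVATE KEY-----\nQ09OU1RSVUNURUQ=\n-----END PRIVATE KEY-----\n";
const std::string kEncKey = "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                            "DEK-Info: AES-256-CBC,00\n\nQ09OU1RSVUNURUQ=\n-----END RSA PRIVATE KEY-----\n";

int main() {
    std::cout << "cert + key:           " << inspect_pem(kCert + kKey).usable() << "\n";
    std::cout << "cert only:            " << inspect_pem(kCert).usable() << "\n";
    std::cout << "cert + encrypted key: " << inspect_pem(kCert + kEncKey).usable() << "\n";
}
```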
