
Exception running boost asio ssl example


OK, for anyone finding this in the future, you need to create your certificates and sign them appropriately. Here are the commands for Linux:

//Generate a private key

openssl genrsa -des3 -out server.key 1024

//Generate Certificate signing request

openssl req -new -key server.key -out server.csr

//Sign certificate with private key

openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt

//Remove password requirement (needed for example)

cp server.key server.key.secure
openssl rsa -in server.key.secure -out server.key

//Generate dhparam file

openssl dhparam -out dh512.pem 512

Once you've done that, you need to change the filenames in server.cpp and client.cpp.

server.cpp

context_.use_certificate_chain_file("server.crt");
context_.use_private_key_file("server.key", boost::asio::ssl::context::pem);
context_.use_tmp_dh_file("dh512.pem");

client.cpp

ctx.load_verify_file("server.crt");

Then it should all work!


Execute the tests again with strace to see which syscall gets the EINVAL; as a bonus you'll get to see the args for the failing call. It's likely part of the security context setup that's failing, unless you have the right files and data from the example:

context_.use_certificate_chain_file("server.pem");
context_.use_private_key_file("server.pem", boost::asio::ssl::context::pem);
context_.use_tmp_dh_file("dh512.pem");

You were getting EPERM because you were trying to bind to a privileged TCP port (one whose value is less than 1024). That's why ./server 10000 does not get EPERM.


When following the answer of @Shootfast an error appeared: 'bad SSL configuration: use_certificate_chain_file: ee key too small'

Changing the first line:

openssl genrsa -des3 -out server.key 1024

to:

openssl genrsa -des3 -out server.key 2048

fixed it for me.

After that I got the error: 'bad SSL configuration: use_private_key_file: no start line'. The reason and solution to this are explained here: solution. (It is more or less the reason for the last command of @Shootfast's answer.)
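
A pre-flight check for the files discussed in the answers above, written as an added example that is not part of any answer: it rejects a key that is still passphrase-protected (the state the "Remove password requirement" step undoes), an RSA key below the 2048 bits that fixed 'ee key too small', and a certificate that does not belong to the key. The function names and return codes are hypothetical, and it assumes an RSA key in PEM format.

```sh
#!/bin/sh
# Added example (not from the answers): pre-flight check for the PEM files
# the server loads. MIN_RSA_BITS=2048 is the size the answer above switched to.
MIN_RSA_BITS=2048

# Succeeds (0) if the PEM key file is passphrase-protected.
key_is_encrypted() {
    grep -q 'ENCRYPTED' "$1"
}

# Prints the RSA modulus size in bits of an unencrypted key file.
rsa_key_bits() {
    openssl rsa -in "$1" -noout -text 2>/dev/null |
        sed -n 's/.*Private-Key: (\([0-9][0-9]*\) bit.*/\1/p'
}

# Succeeds if the certificate carries the public half of the private key.
cert_matches_key() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl rsa -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# check_tls_files CERT KEY
# Returns 0 = usable, 1 = key still encrypted, 2 = key too small or
# unreadable, 3 = certificate does not belong to the key.
check_tls_files() {
    if key_is_encrypted "$2"; then
        echo "$2: still passphrase-protected" >&2; return 1
    fi
    bits=$(rsa_key_bits "$2")
    if [ -z "$bits" ] || [ "$bits" -lt "$MIN_RSA_BITS" ]; then
        echo "$2: RSA key is ${bits:-unreadable} bits, need $MIN_RSA_BITS" >&2
        return 2
    fi
    if ! cert_matches_key "$1" "$2"; then
        echo "$1: public key does not match $2" >&2; return 3
    fi
    return 0
}

# Run as: sh check_tls_files.sh server.crt server.key
if [ "$#" -eq 2 ]; then
    check_tls_files "$1" "$2"
fi
```
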