C++ WinHttp安全证书验证设置

在C++中，使用WinHttp库进行HTTP请求时，可能需要对服务器的SSL/TLS证书进行验证

以下是一个示例代码，展示了如何在C++中使用WinHttp库进行安全证书验证设置：

#include<Windows.h>#include <WinHttp.h>#include<iostream>int main() {    // 初始化WinHttp    HINTERNET hSession = WinHttpOpen(L"MyUserAgent", WINHTTP_ACCESS_TYPE_DEFAULT_PROXY, WINHTTP_NO_PROXY_NAME, WINHTTP_NO_PROXY_BYPASS, 0);    if (!hSession) {        std::cerr << "WinHttpOpen failed: "<< GetLastError()<< std::endl;        return 1;    }    // 连接到服务器    HINTERNET hConnect = WinHttpConnect(hSession, L"example.com", INTERNET_DEFAULT_HTTPS_PORT, 0);    if (!hConnect) {        std::cerr << "WinHttpConnect failed: "<< GetLastError()<< std::endl;        WinHttpCloseHandle(hSession);        return 1;    }    // 创建请求    HINTERNET hRequest = WinHttpOpenRequest(hConnect, L"GET", L"/", NULL, WINHTTP_NO_REFERER, WINHTTP_DEFAULT_ACCEPT_TYPES, WINHTTP_FLAG_SECURE);    if (!hRequest) {        std::cerr << "WinHttpOpenRequest failed: "<< GetLastError()<< std::endl;        WinHttpCloseHandle(hConnect);        WinHttpCloseHandle(hSession);        return 1;    }    // 设置安全证书验证选项    DWORD dwOption = SECURITY_FLAG_IGNORE_UNKNOWN_CA | SECURITY_FLAG_IGNORE_CERT_DATE_INVALID | SECURITY_FLAG_IGNORE_CERT_CN_INVALID | SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE;    if (!WinHttpSetOption(hRequest, WINHTTP_OPTION_SECURITY_FLAGS, &dwOption, sizeof(dwOption))) {        std::cerr << "WinHttpSetOption failed: "<< GetLastError()<< std::endl;        WinHttpCloseHandle(hRequest);        WinHttpCloseHandle(hConnect);        WinHttpCloseHandle(hSession);        return 1;    }    // 发送请求    if (!WinHttpSendRequest(hRequest, WINHTTP_NO_ADDITIONAL_HEADERS, 0, WINHTTP_NO_REQUEST_DATA, 0, 0, 0)) {        std::cerr << "WinHttpSendRequest failed: "<< GetLastError()<< std::endl;        WinHttpCloseHandle(hRequest);        WinHttpCloseHandle(hConnect);        WinHttpCloseHandle(hSession);        return 1;    }    // 接收响应    if (!WinHttpReceiveResponse(hRequest, NULL)) {        std::cerr << "WinHttpReceiveResponse failed: "<< GetLastError()<< std::endl;        WinHttpCloseHandle(hRequest);        WinHttpCloseHandle(hConnect);        WinHttpCloseHandle(hSession);        return 1;    }    // 处理响应    // ...    // 清理资源    WinHttpCloseHandle(hRequest);    WinHttpCloseHandle(hConnect);    WinHttpCloseHandle(hSession);    return 0;}

在这个示例中，我们设置了WINHTTP_OPTION_SECURITY_FLAGS选项，忽略了未知的CA、证书日期无效、证书CN无效和证书用途不正确的错误。这些选项可以根据实际需求进行调整。

请注意，这个示例仅用于演示目的，实际应用中应该根据需要进行适当的错误处理和资源管理。