急急急,QT 官方自带SSL/TLS当用ip地址的时候认证不成功 5C
 Client(const QHostAddress& host = QHostAddress::LocalHost,
           const quint16 port = 1883,
           QObject* parent = NULL);

#ifndef QT_NO_SSL
    Client(const QString& hostName,
           const quint16 port,
           const QSslConfiguration& config,
           const bool ignoreSelfSigned=false,
           QObject* parent = NULL);
#endif // QT_NO_SSL
这个是官网自带的MQTT,可以好清楚看到,当使用SSL认证的时候,是用QString& hostName,如果不用SSL认证就是用const QHostAddress& host;
这里有一个参考使用方法http://www.mamicode.com/info-detail-2597790.html,大概是这样子的,
QSslConfiguration sslConfig = QSslConfiguration::defaultConfiguration();
// Add custom SSL options here (for example extra certificates)
QMQTT::Client *client = new QMQTT::Client("example.com", 8883, sslConfig);
client->setClientId("clientId");
client->setUsername("user");
client->setPassword("password");
client->connectToHost();
可以看到,这是用了.com的域名的,现在有一个MQTT的服务器,同事给了我ip和port,有帐户名和密码,还有ca证书,pem格式的,我把实例中的example.com用ip代替,发现是连接不上的,现在我的问题是,我有ip地址,port,帐户密码,ca证书,怎么才能通过ssl认证连接上MQTT服务器
c++

1个回答

qq_25958023
qq_25958023 额,答非所问呀
5 个月之前 回复
Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!
其他相关推荐
如何禁用SSL / TLS压缩[关闭]

<div class="post-text" itemprop="text"> <p>For "SSL/TLS CRIME attack" problem, I need to disable the SSL/TLS compression option in my apache server. Tell your comments.</p> </div>

偶发"基础连接已经关闭: 未能为SSL/TLS 安全通道建立信任关系"错误

如题,我的网站在请求微信公众平台接口时,有时候回出现"基础连接已经关闭: 未能为SSL/TLS 安全通道建立信任关系"这种错误,已经在Global.aspx中添加了"System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;"问题是这是偶发的,这是为什么呢,有没有什么解决思路以及可以参考的文档,谢谢大家的帮助!

请求https网站 提示:请求被中止: 未能创建 SSL/TLS 安全通道。

![图片说明](https://img-ask.csdn.net/upload/201509/05/1441462480_688532.png)

JAVA实现的SSL/TLS双向认证源代码

压缩包里有客户端源码和服务器端源码,支持TCP的双向认证,也支持WEBSOCKET的双向认证,内附测试 wss的测试例子, 需要生成PKCS12的证书,导入浏览器才可以测试。你这个服务端是用什么语言写的呢

从PHP发送电子邮件时使用SSL / TLS

<div class="post-text" itemprop="text"> <p>I am very new to email servers and sending email with PHP...</p> <p>Is it possible to have email sent from a PHP script on my server encrypted using SSL or TLS before it is sent to the recipient's mail server?</p> <p>I need to ensure only the intended recipient can read the email, in case the transmission is intercepted on its journey to their mail server.</p> <p>I am not sure if this is possible, as the recipient's mail server would not know the public key right? So how could it decrypt the email?</p> <p>As background, I am not actually hosting email accounts for anyone - so it is not a case of the users authenticating with my server and downloading emails for them hosted there. I just have a script triggering an alert email to be sent from "notifications@danbaylis.com" (which is not a real email address on the server so you can't reply to it) to the user's real email address (which my application knows). I need a way to make sure this email is securely sent from PHP on my server, to the recipients mail server.</p> <p>I have looked at the mail() function in PHP, as well as the PHPMailer class - but I am not sure how I would configure either of these methods to securely send the email.</p> <p>All my research just shows how to install SSL in on my server so users can securely download email stored on my server - which is not what I am trying to do here.</p> <p>I am running Centos5.7 which I believe has a mail server installed, though I am not sure if PHP actually uses that by default..</p> <p>Thanks for any help!</p> </div>

fopen()用于FTP显式SSL / TLS

<div class="post-text" itemprop="text"> <p>How can I use <code>fopen("ftp://$user:$pass@$domain/test.php", "wb");</code> for FTP Explicit SSL/TLS ?</p> <p>Something like <code>fopen("ftpes://$user:$pass@$domain/test.php", "wb");</code>.</p> <p><code>ftpes://</code> is not listed in <a href="http://php.net/manual/en/wrappers.php" rel="nofollow">Supported Protocols and Wrappers</a></p> <p>From Filezilla Client, I can confirm that ftpes://$domain is right and even the user credentials are correct.</p> <p>Basically I want to write the contents directly through <code>fwrite()</code>, the same code works for ftp and ftps but not ftpes.</p> <p>Let me know if any more information is required.</p> </div>

Websockets服务器的SSL / TLS-Go lang

<div class="post-text" itemprop="text"> <p>I am using collider (<a href="https://github.com/webrtc/apprtc/tree/master/src/collider" rel="nofollow noreferrer">https://github.com/webrtc/apprtc/tree/master/src/collider</a> -a websockets server in go) and I am trying to add SSL/TLS support. For which I generated self-signed certificates:</p> <pre><code>openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 Enter PEM pass phrase: Verifying - Enter PEM pass phrase: Country Name (2 letter code) [AU]:US State or Province Name (full name) [Some-State]:CA Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]:testwebsite.com Organizational Unit Name (eg, section) []:Engineering Common Name (e.g. server FQDN or YOUR name) []:www.testwebsite.com Email Address []:testwebsite@gmail.com </code></pre> <p>When I run the collider, I see this error:</p> <pre><code>2017/06/05 21:25:50 Error Run: crypto/tls: failed to parse private key </code></pre> <p>When I generate using (based on <a href="http://www.kaihag.com/https-and-go/" rel="nofollow noreferrer">http://www.kaihag.com/https-and-go/</a>):</p> <pre><code>openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout key.pem -out cert.pem </code></pre> <p>I get this error:</p> <pre><code>2017/06/05 22:11:31 http: TLS handshake error from &lt;some-ip&gt;:1082: remote error: unknown certificate </code></pre> <p>How to fix this? </p> <p><strong>Note:</strong> collider uses golang.org/x/net/websocket</p> </div>

供应标准库(crypto / tls)

<div class="post-text" itemprop="text"> <p>I want to make some changes to the Go crypto/tls standard library.</p> <p>Is making a copy of crypto/tls in the vendor folder a good way to do this?</p> <p>It almost works, it seems the vendored is copy used when I compile the application (Caddy webserver). Apart from one error I get:</p> <blockquote> <p>go/src/github.com/user/caddy/caddytls/httphandler.go:40: cannot use "vendor/crypto/tls".Config literal (type *"vendor/crypto/tls".Config) as type *"crypto/tls".Config in field value</p> </blockquote> <p>Is there a way of casting to get around this one error? Doesn't sound like good practice to me though.</p> <p>I would have thought that the vendored copy would always be used, but it seems something is still using the standard crypto/tls library? (I think "net/http" is. Do I have to vendor this too?)</p> </div>

公司搭建openVPN客户端连接时,服务端出现SSL/TLS相关的报错,报错信息如下。。。

Mon Feb 24 15:22:09 2020 218.109.201.2:53932 TLS: Initial packet from [AF_INET]218.109.201.2:53932, sid=412dcd80 f5ddfb47 Mon Feb 24 15:22:09 2020 218.109.201.2:53932 TLS error: The server has no TLS ciphersuites in common with the client. Your --tls-cipher setting might be too restrictive. Mon Feb 24 15:22:09 2020 218.109.201.2:53932 OpenSSL: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher Mon Feb 24 15:22:09 2020 218.109.201.2:53932 TLS_ERROR: BIO read tls_read_plaintext error Mon Feb 24 15:22:09 2020 218.109.201.2:53932 TLS Error: TLS object -> incoming plaintext read error Mon Feb 24 15:22:09 2020 218.109.201.2:53932 TLS Error: TLS handshake failed Mon Feb 24 15:22:09 2020 218.109.201.2:53932 SIGUSR1[soft,tls-error] received, client-instance restarting Mon Feb 24 15:23:10 2020 218.109.201.2:53934 TLS: Initial packet from [AF_INET]218.109.201.2:53934, sid=6bd5599e afa06e6e Mon Feb 24 15:23:13 2020 218.109.201.2:53934 TLS error: The server has no TLS ciphersuites in common with the client. Your --tls-cipher setting might be too restrictive. Mon Feb 24 15:23:13 2020 218.109.201.2:53934 OpenSSL: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher Mon Feb 24 15:23:13 2020 218.109.201.2:53934 TLS_ERROR: BIO read tls_read_plaintext error Mon Feb 24 15:23:13 2020 218.109.201.2:53934 TLS Error: TLS object -> incoming plaintext read error Mon Feb 24 15:23:13 2020 218.109.201.2:53934 TLS Error: TLS handshake failed Mon Feb 24 15:23:13 2020 218.109.201.2:53934 SIGUSR1[soft,tls-error] received, client-instance restarting

HTTP基本身份验证与SSL / TLS(HTTPS)结合使用将用于验证用户身份

<div class="post-text" itemprop="text"> <p>i need to send json request (RESTful) to a URL where the server authority send me the username &amp; password and ask me to send the request to the server using <strong>"HTTP Basic Authentication combined with SSL/TLS (HTTPS) will be used to authenticate user"</strong>.</p> <p>when i send the request to that link using cURL then i get the error. "<strong>Error: call to URL failed with status 0, curl_error SSL certificate problem: self signed certificate, curl_errno 60</strong>"</p> <p>My Web server version is: IIS7, PHP Version: 5.3.27.</p> <p>Now, what is the process to complete the task. please help.</p> </div>

Golang Web服务器在crypto / tls处泄漏内存(* block).reserve

<div class="post-text" itemprop="text"> <p>I've got a web server written in Go.</p> <pre><code>tlsConfig := &amp;tls.Config{ PreferServerCipherSuites: true, MinVersion: tls.VersionTLS12, CurvePreferences: []tls.CurveID{ tls.CurveP256, tls.X25519, }, CipherSuites: []uint16{ tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, }, } s := &amp;http.Server{ ReadTimeout: 5 * time.Second, WriteTimeout: 10 * time.Second, IdleTimeout: 120 * time.Second, Handler: r, // where r is my router TLSConfig: tlsConfig, } // redirect http to https redirect := &amp;http.Server{ ReadTimeout: 5 * time.Second, WriteTimeout: 10 * time.Second, IdleTimeout: 120 * time.Second, Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Header().Set("Connection", "close") url := "https://" + r.Host + r.URL.String() http.Redirect(w, r, url, http.StatusMovedPermanently) }), } go func() { log.Fatal(redirect.ListenAndServe()) }() log.Fatal(s.ListenAndServeTLS(certFile, keyFile)) </code></pre> <p>Here is a screenshot from my Digital Ocean dashboard.</p> <p><a href="https://i.stack.imgur.com/ZbZpX.png" rel="nofollow noreferrer"><img src="https://i.stack.imgur.com/ZbZpX.png" alt="enter image description here"></a></p> <p>As you can see memory keeps growing and growing. So I started looking at <a href="https://github.com/google/pprof" rel="nofollow noreferrer">https://github.com/google/pprof</a>. Here is the output of <code>top5</code>.</p> <pre><code>Type: inuse_space Time: Nov 7, 2018 at 10:31am (CET) Entering interactive mode (type "help" for commands, "o" for options) (pprof) top5 Showing nodes accounting for 289.50MB, 79.70% of 363.24MB total Dropped 90 nodes (cum &lt;= 1.82MB) Showing top 5 nodes out of 88 flat flat% sum% cum cum% 238.98MB 65.79% 65.79% 238.98MB 65.79% crypto/tls.(*block).reserve 20.02MB 5.51% 71.30% 20.02MB 5.51% crypto/tls.Server 11.50MB 3.17% 74.47% 11.50MB 3.17% crypto/aes.newCipher 10.50MB 2.89% 77.36% 10.50MB 2.89% crypto/aes.(*aesCipherGCM).NewGCM </code></pre> <p>The SVG shows the same huge amount of memory allocated by crypto/tls.(*block).reserve.</p> <p><a href="https://i.stack.imgur.com/FxbfZ.png" rel="nofollow noreferrer"><img src="https://i.stack.imgur.com/FxbfZ.png" alt="enter image description here"></a></p> <p>Here is the exact code.</p> <p><a href="https://i.stack.imgur.com/59VOT.png" rel="nofollow noreferrer"><img src="https://i.stack.imgur.com/59VOT.png" alt="enter image description here"></a></p> <p>I spent the last days reading every article, document, blog post, source code, help file I could find. However nothing helps. The code is running on a Ubuntu 17.10 x64 machine using Go 1.11 inside a Docker container.</p> <p>It looks like the server doesn't close the connections to the client. I thought setting all the <code>xyzTimeout</code> would help but it didn't.</p> <p>Any ideas?</p> <p>Edit 12/20/2018:</p> <p>fixed now <a href="https://github.com/golang/go/issues/28654#issuecomment-448477056" rel="nofollow noreferrer">https://github.com/golang/go/issues/28654#issuecomment-448477056</a></p> </div>

Ruby的grpc(v1.3.2)gem SSL / TLS连接问题,完全在golang中构建的grpc服务器

<div class="post-text" itemprop="text"> <p>Recently, I was trying to use rubygem grpc version 1.3.2 as a clinet and connect to a grpc server which is built from golang. I went through the documentation at <a href="http://grpc.io/docs/guides/auth.html" rel="nofollow noreferrer">GRPC.IO</a> and used it in my code as it.</p> <pre><code> irb(main):017:0&gt; GRPC::Core::Credentials.new(File.read(CA_FILE_PATH)) NameError: uninitialized constant GRPC::Core::Credentials from (irb):17 from /usr/local/share/gems/gems/railties-4.2.1/lib/rails/commands/console.rb:110:in `start' from /usr/local/share/gems/gems/railties-4.2.1/lib/rails/commands/console.rb:9:in `start' from /usr/local/share/gems/gems/railties-4.2.1/lib/rails/commands/commands_tasks.rb:68:in `console' from /usr/local/share/gems/gems/railties-4.2.1/lib/rails/commands/commands_tasks.rb:39:in `run_command!' from /usr/local/share/gems/gems/railties-4.2.1/lib/rails/commands.rb:17:in `&lt;top (required)&gt;' from bin/rails:4:in `require' from bin/rails:4:in `&lt;main&gt;' </code></pre> <p>However their documentation specifically says,</p> <pre><code>creds = GRPC::Core::Credentials.new(load_certs) # load_certs typically loads a CA roots file stub = Helloworld::Greeter::Stub.new('myservice.example.com', creds) </code></pre> <p>Then I came across <strong>ChannelCredentials</strong> and the <em>creds</em> is supposed to be either <strong>ChannelCredentials</strong> object or a symbol(e.g. <em>:this_channel_is_insecure</em>). Hence, I gave it a try as well.</p> <p>I've taken the following function from the grpc gem's source code itself. This function was called in rspec test cases for loading the certs:</p> <pre><code>def load_certs data_dir = "#{Rails.root}/certs" files = ['ca.pem', 'server.key', 'server.pem'] files.map { |f| File.open(File.join(data_dir, f)).read } end </code></pre> <p>Then I gave it a try with,</p> <pre><code>channel_creds = GRPC::Core::ChannelCredentials.new(load_certs) stub = Helloworld::Greeter::Stub.new('myservice.example.com', channel_creds) </code></pre> <p>But the above failed with</p> <pre><code>E0619 09:59:10.410575570 14208 ssl_transport_security.c:601] Could not load any root certificate. E0619 09:59:10.410604954 14208 ssl_transport_security.c:1315] Cannot load server root certificates. E0619 09:59:10.410622519 14208 security_connector.c:837] Handshaker factory creation failed with TSI_INVALID_ARGUMENT. </code></pre> <p>I also tried:</p> <pre><code>channel_creds = GRPC::Core::ChannelCredentials.new(File.read(CA_FILE_PATH)) stub = Helloworld::Greeter::Stub.new('myservice.example.com', creds) </code></pre> <p>But all I got was error from the logs or rpc server:</p> <pre><code>2017/06/16 10:52:34 transport: http2Server.HandleStreams failed to receive the preface from client: EOF 2017/06/16 10:53:35 transport: http2Server.HandleStreams failed to receive the preface from client: EOF 2017/06/16 10:53:59 transport: http2Server.HandleStreams failed to receive the preface from client: EOF 2017/06/16 10:55:06 transport: http2Server.HandleStreams failed to receive the preface from client: EOF </code></pre> <p>Has anyone successfully tried this Ruby client Golang server combination with SSL/TLS enabled?</p> </div>

通过自签名证书进行TLS连接失败

<div class="post-text" itemprop="text"> <p>This following reduced test case code works when run locally on my laptop using my own 'developer' certs for accessing internal services</p> <p>If I run on a remote machine with dynamically generated certs (all of which is handled by a separate team in my organisation) it fails with a 400 and "No required SSL certificate was sent" error</p> <p>But if I use curl on the remote machine, and specify the same certs as referenced in my Go code, it will work</p> <p>So seems the certs aren't the issue but the Go code, but that itself doesn't seem to be the issue as it works with my own certs locally</p> <pre><code>package main import ( "crypto/tls" "crypto/x509" "fmt" "io/ioutil" "net/http" "os" "time" ) func main() { transport, transErr := configureTLS() if transErr != nil { fmt.Printf("trans error: %s", transErr.Error()) return } timeout := time.Duration(1 * time.Second) client := http.Client{ Transport: transport, Timeout: timeout, } resp, clientErr := client.Get("https://my-service-with-nginx/") if clientErr != nil { fmt.Printf("client error: %s", clientErr.Error()) } else { defer resp.Body.Close() contents, contErr := ioutil.ReadAll(resp.Body) if contErr != nil { fmt.Printf("contents error: %s", contErr.Error()) } fmt.Printf(" contents: %+v", string(contents)) } } func configureTLS() (*http.Transport, error) { certPath := "/path/to/client.crt" keyPath := "/path/to/client.key" caPath := "/path/to/ca.crt" // Load client cert cert, err := tls.LoadX509KeyPair(certPath, keyPath) if err != nil { return nil, err } // Load CA cert caCert, err := ioutil.ReadFile(caPath) if err != nil { return nil, err } caCertPool := x509.NewCertPool() caCertPool.AppendCertsFromPEM(caCert) // Setup HTTPS client tlsConfig := &amp;tls.Config{ Certificates: []tls.Certificate{cert}, RootCAs: caCertPool, InsecureSkipVerify: true, } tlsConfig.BuildNameToCertificate() return &amp;http.Transport{TLSClientConfig: tlsConfig}, nil } </code></pre> <p>Does anyone know why this would be happening? </p> <p>I thought it might be the renegotiation bug that Go has (as of 1.6) but I don't think that's the case here as otherwise it would fail for me when running the app locally (but it doesn't, using my own dev certs and running locally works fine - the problem only occurs when run on a remote instance with different certs; and those certs aren't the problem as they work fine when used by <code>curl</code>)</p> </div>

我应该在JSON API中的哪里添加TLS / SSL?

<div class="post-text" itemprop="text"> <p>So I have a droplet on DigitalOcean, the front-end is a Backbone.js app, and our back-end is a JSON API written in Go. Nginx is in-between proxying requests from port 80 to our front-end JavaScript app's port.</p> <p>My question, where in this stack does SSL/TLS go? I've seen tutorials that suggest we configure only Nginx to handle SSL/TLS calls (like this one: <a href="https://www.digitalocean.com/community/tutorials/how-to-create-an-ssl-certificate-on-nginx-for-ubuntu-14-04" rel="nofollow">https://www.digitalocean.com/community/tutorials/how-to-create-an-ssl-certificate-on-nginx-for-ubuntu-14-04</a>) , and I've seen tutorials using Go's <code>ListenAndServeTLS</code> that suggest this is done within the server code (like this one: <a href="https://www.kaihag.com/https-and-go/" rel="nofollow">https://www.kaihag.com/https-and-go/</a>).</p> <p>A follow-up question, let's say that it ends up that only Nginx needs to be configured for SSL/TLS, wouldn't the incoming requests be encrypted using SSL, and the responses from the Go server be unencrypted? This leads me to believe that both Nginx and the Go server need to be configured for SSL/TLS integration. </p> <p>Which one is it? Nginx? The Go server? Both?</p> <p>Thanks everyone</p> </div>

RabbitMQ-Tls连接-Golang

<div class="post-text" itemprop="text"> <p>I configured RabbitMQ connection using follow link: <a href="https://github.com/streadway/amqp/blob/master/examples_test.go" rel="nofollow noreferrer">https://github.com/streadway/amqp/blob/master/examples_test.go</a></p> <p>Certificate I created according to the instructions here: <a href="https://www.rabbitmq.com/ssl.html#enabling-tls-paths" rel="nofollow noreferrer">https://www.rabbitmq.com/ssl.html#enabling-tls-paths</a></p> <p>I use RabbitMQ 3.7.0 installed in docker. After the call amqp.DialTLS I receive "Bad certificate" error on the server side (in the docker logs).</p> <p>I suppose that the problem is that certificate should contain the server name and if so, which server name should I set in the certificate if RabbitMQ is installed inside docker?</p> <p>Besides, any other ideas?</p> </div>

chrome 45 服务器的瞬时 Diffie-Hellman 公共密钥过弱

更新到最新的chrome 45 ,结果访问 公司的 https 就出现服务器的瞬时 Diffie-Hellman 公共密钥过弱 ![图片说明](https://img-ask.csdn.net/upload/201509/07/1441595809_964002.png) 以前 firefox 39.0 也出现过这个问题, 那时候给Firefox 安装一个 disable-DHE插件就行了, 我想问下 有没有类似的解决方法, 或者 这个问题该怎么解决, 重新添加 https 安全协议?

SSL例程:tls_process_server_certificate:证书验证失败无法启用加密

<div class="post-text" itemprop="text"> <p>When I try install to composer on my system, it always gives me this error </p> <pre><code> The "https://getcomposer.org/versions" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed Failed to enable crypto failed to open stream: operation failed </code></pre> <p>I used the php -r 'print_r(openssl_get_cert_locations());' command to see the php default cert locations and the result is below: </p> <pre><code> Array ( [default_cert_file] =&gt; C:\usr\local\ssl/cert.pem [default_cert_file_env] =&gt; SSL_CERT_FILE [default_cert_dir] =&gt; C:\usr\local\ssl/certs [default_cert_dir_env] =&gt; SSL_CERT_DIR [default_private_dir] =&gt; C:\usr\local\ssl/private [default_default_cert_area] =&gt; C:\usr\local\ssl [ini_cafile] =&gt; C:\xampp\apache\cert.pem [ini_capath] =&gt; ) </code></pre> <p>C:\usr\local\ssl/cert.pem does not exist so I then downloaded an ssl cert from <a href="http://curl.haxx.se/ca/cacert.pem" rel="nofollow noreferrer">http://curl.haxx.se/ca/cacert.pem</a> and manually created the C:\usr\local\ssl/cert.pem but still no success. I really need a solution as I'm out of options or is there a way I can bypass the ssl cert validation. </p> </div>

Go的crypto / tls是否已准备好用于生产环境? [关闭]

<div class="post-text" itemprop="text"> <p>There was previously a comment regarding the crypto/tls library in Go not being ready for production which has been quoted in many places but I have not seen any real updates on this issue.</p> <p><a href="http://grokbase.com/p/gg/golang-nuts/139sqq5hw5/go-nuts-re-go-is-production-ready-but-the-crypto-tls-package-isnt" rel="nofollow">http://grokbase.com/p/gg/golang-nuts/139sqq5hw5/go-nuts-re-go-is-production-ready-but-the-crypto-tls-package-isnt</a></p> <p>What is the status today? Since the comment was made both v1.2 and v1.3 of the language has been released. Has the library matured? Is it considered production ready?</p> </div>

python ssl客户端认证

server端 ``` # coding:utf-8 from __future__ import absolute_import, division, print_function, with_statement import socket, ssl import os import tornado.tcpserver from tornado.ioloop import IOLoop import tornado.gen ssl_ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) ssl_ctx.load_cert_chain("/keys/server.crt", "/keys/server.key") ssl_ctx.load_verify_locations("keys/ca.crt") ssl_ctx.verify_mode = ssl.CERT_REQUIRED class A(tornado.tcpserver.TCPServer): def handle_stream(self, stream, address): self.run(stream) @tornado.gen.coroutine def run(self, stream): body = yield stream.read_bytes(111110, partial=True) print(body) def main(): server = A(ssl_options=ssl_ctx) server.listen(6030, '') io_loop = IOLoop.current() io_loop.add_callback(main) io_loop.start() ``` client端 ``` # coding:utf-8 import socket, ssl, pprint import os s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) ssl_ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) ssl_ctx.load_cert_chain("keys/server.crt","keys/server.key") ssl_sock = ssl_ctx.wrap_socket(s) ssl_sock.connect(('localhost', 6030)) print repr(ssl_sock.getpeername()) print ssl_sock.cipher() print pprint.pformat(ssl_sock.getpeercert()) ssl_sock.write("boo!") ``` 运行后 服务器端报错 [SSL: NO_CERTIFICATE_RETURNED] no certificate returned (_ssl.c:590) 客户端也报错 [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:590) 我想做的是ssl双向认证

大学四年自学走来,这些私藏的实用工具/学习网站我贡献出来了

大学四年,看课本是不可能一直看课本的了,对于学习,特别是自学,善于搜索网上的一些资源来辅助,还是非常有必要的,下面我就把这几年私藏的各种资源,网站贡献出来给你们。主要有:电子书搜索、实用工具、在线视频学习网站、非视频学习网站、软件下载、面试/求职必备网站。 注意:文中提到的所有资源,文末我都给你整理好了,你们只管拿去,如果觉得不错,转发、分享就是最大的支持了。 一、电子书搜索 对于大部分程序员...

在中国程序员是青春饭吗?

今年,我也32了 ,为了不给大家误导,咨询了猎头、圈内好友,以及年过35岁的几位老程序员……舍了老脸去揭人家伤疤……希望能给大家以帮助,记得帮我点赞哦。 目录: 你以为的人生 一次又一次的伤害 猎头界的真相 如何应对互联网行业的「中年危机」 一、你以为的人生 刚入行时,拿着傲人的工资,想着好好干,以为我们的人生是这样的: 等真到了那一天,你会发现,你的人生很可能是这样的: ...

程序员请照顾好自己,周末病魔差点一套带走我。

程序员在一个周末的时间,得了重病,差点当场去世,还好及时挽救回来了。

ArrayList源码分析(入门篇)

ArrayList源码分析 前言: 写这篇博客的主要原因是,在我上一次参加千牵科技Java实习生面试时,有被面试官问到ArrayList为什么查找的速度较快,插入和删除的速度较慢?当时我回答得不好,很大的一部分原因是因为我没有阅读过ArrayList源码,虽然最后收到Offer了,但我拒绝了,打算寒假学得再深入些再广泛些,下学期开学后再去投递其他更好的公司。为了更加深入理解ArrayList,也为

我以为我学懂了数据结构,直到看了这个导图才发现,我错了

数据结构与算法思维导图

String s = new String(" a ") 到底产生几个对象?

老生常谈的一个梗,到2020了还在争论,你们一天天的,哎哎哎,我不是针对你一个,我是说在座的各位都是人才! 上图红色的这3个箭头,对于通过new产生一个字符串(”宜春”)时,会先去常量池中查找是否已经有了”宜春”对象,如果没有则在常量池中创建一个此字符串对象,然后堆中再创建一个常量池中此”宜春”对象的拷贝对象。 也就是说准确答案是产生了一个或两个对象,如果常量池中原来没有 ”宜春” ,就是两个。...

技术大佬:我去,你写的 switch 语句也太老土了吧

昨天早上通过远程的方式 review 了两名新来同事的代码,大部分代码都写得很漂亮,严谨的同时注释也很到位,这令我非常满意。但当我看到他们当中有一个人写的 switch 语句时,还是忍不住破口大骂:“我擦,小王,你丫写的 switch 语句也太老土了吧!” 来看看小王写的代码吧,看完不要骂我装逼啊。 private static String createPlayer(PlayerTypes p...

和黑客斗争的 6 天!

互联网公司工作,很难避免不和黑客们打交道,我呆过的两家互联网公司,几乎每月每天每分钟都有黑客在公司网站上扫描。有的是寻找 Sql 注入的缺口,有的是寻找线上服务器可能存在的漏洞,大部分都...

讲一个程序员如何副业月赚三万的真实故事

loonggg读完需要3分钟速读仅需 1 分钟大家好,我是你们的校长。我之前讲过,这年头,只要肯动脑,肯行动,程序员凭借自己的技术,赚钱的方式还是有很多种的。仅仅靠在公司出卖自己的劳动时...

上班一个月,后悔当初着急入职的选择了

最近有个老铁,告诉我说,上班一个月,后悔当初着急入职现在公司了。他之前在美图做手机研发,今年美图那边今年也有一波组织优化调整,他是其中一个,在协商离职后,当时捉急找工作上班,因为有房贷供着,不能没有收入来源。所以匆忙选了一家公司,实际上是一个大型外包公司,主要派遣给其他手机厂商做外包项目。**当时承诺待遇还不错,所以就立马入职去上班了。但是后面入职后,发现薪酬待遇这块并不是HR所说那样,那个HR自...

女程序员,为什么比男程序员少???

昨天看到一档综艺节目,讨论了两个话题:(1)中国学生的数学成绩,平均下来看,会比国外好?为什么?(2)男生的数学成绩,平均下来看,会比女生好?为什么?同时,我又联想到了一个技术圈经常讨...

副业收入是我做程序媛的3倍,工作外的B面人生是怎样的?

提到“程序员”,多数人脑海里首先想到的大约是:为人木讷、薪水超高、工作枯燥…… 然而,当离开工作岗位,撕去层层标签,脱下“程序员”这身外套,有的人生动又有趣,马上展现出了完全不同的A/B面人生! 不论是简单的爱好,还是正经的副业,他们都干得同样出色。偶尔,还能和程序员的特质结合,产生奇妙的“化学反应”。 @Charlotte:平日素颜示人,周末美妆博主 大家都以为程序媛也个个不修边幅,但我们也许...

MySQL数据库面试题(2020最新版)

文章目录数据库基础知识为什么要使用数据库什么是SQL?什么是MySQL?数据库三大范式是什么mysql有关权限的表都有哪几个MySQL的binlog有有几种录入格式?分别有什么区别?数据类型mysql有哪些数据类型引擎MySQL存储引擎MyISAM与InnoDB区别MyISAM索引与InnoDB索引的区别?InnoDB引擎的4大特性存储引擎选择索引什么是索引?索引有哪些优缺点?索引使用场景(重点)...

如果你是老板,你会不会踢了这样的员工?

有个好朋友ZS,是技术总监,昨天问我:“有一个老下属,跟了我很多年,做事勤勤恳恳,主动性也很好。但随着公司的发展,他的进步速度,跟不上团队的步伐了,有点...

我入职阿里后,才知道原来简历这么写

私下里,有不少读者问我:“二哥,如何才能写出一份专业的技术简历呢?我总感觉自己写的简历太烂了,所以投了无数份,都石沉大海了。”说实话,我自己好多年没有写过简历了,但我认识的一个同行,他在阿里,给我说了一些他当年写简历的方法论,我感觉太牛逼了,实在是忍不住,就分享了出来,希望能够帮助到你。 01、简历的本质 作为简历的撰写者,你必须要搞清楚一点,简历的本质是什么,它就是为了来销售你的价值主张的。往深...

玩转springboot启动banner定义所得

最近接手了一个springboot项目,不是不熟悉这个框架,启动时打印的信息吸引了我。 这不是我熟悉的常用springboot的打印信息啊,我打开自己的项目: 还真是的,不用默认的感觉也挺高大上的。一时兴起,就去研究了一下源代码,还正是有些收获,稍后我会总结一下。正常情况下做为一个老程序员,是不会对这种小儿科感兴趣的,不就是一个控制台打印嘛。哈哈! 于是出于最初的好奇,研究了项目的源代码。看到

带了6个月的徒弟当了面试官,而身为高级工程师的我天天修Bug......

即将毕业的应届毕业生一枚,现在只拿到了两家offer,但最近听到一些消息,其中一个offer,我这个组据说客户很少,很有可能整组被裁掉。 想问大家: 如果我刚入职这个组就被裁了怎么办呢? 大家都是什么时候知道自己要被裁了的? 面试软技能指导: BQ/Project/Resume 试听内容: 除了刷题,还有哪些技能是拿到offer不可或缺的要素 如何提升面试软实力:简历, 行为面试,沟通能...

离职半年了,老东家又发 offer,回不回?

有小伙伴问松哥这个问题,他在上海某公司,在离职了几个月后,前公司的领导联系到他,希望他能够返聘回去,他很纠结要不要回去? 俗话说好马不吃回头草,但是这个小伙伴既然感到纠结了,我觉得至少说明了两个问题:1.曾经的公司还不错;2.现在的日子也不是很如意。否则应该就不会纠结了。 老实说,松哥之前也有过类似的经历,今天就来和小伙伴们聊聊回头草到底吃不吃。 首先一个基本观点,就是离职了也没必要和老东家弄的苦...

男生更看重女生的身材脸蛋,还是思想?

往往,我们看不进去大段大段的逻辑。深刻的哲理,往往短而精悍,一阵见血。问:产品经理挺漂亮的,有点心动,但不知道合不合得来。男生更看重女生的身材脸蛋,还是...

为什么程序员做外包会被瞧不起?

二哥,有个事想询问下您的意见,您觉得应届生值得去外包吗?公司虽然挺大的,中xx,但待遇感觉挺低,马上要报到,挺纠结的。

当HR压你价,说你只值7K,你该怎么回答?

当HR压你价,说你只值7K时,你可以流畅地回答,记住,是流畅,不能犹豫。 礼貌地说:“7K是吗?了解了。嗯~其实我对贵司的面试官印象很好。只不过,现在我的手头上已经有一份11K的offer。来面试,主要也是自己对贵司挺有兴趣的,所以过来看看……”(未完) 这段话主要是陪HR互诈的同时,从公司兴趣,公司职员印象上,都给予对方正面的肯定,既能提升HR的好感度,又能让谈判气氛融洽,为后面的发挥留足空间。...

面试:第十六章:Java中级开发(16k)

HashMap底层实现原理,红黑树,B+树,B树的结构原理 Spring的AOP和IOC是什么?它们常见的使用场景有哪些?Spring事务,事务的属性,传播行为,数据库隔离级别 Spring和SpringMVC,MyBatis以及SpringBoot的注解分别有哪些?SpringMVC的工作原理,SpringBoot框架的优点,MyBatis框架的优点 SpringCould组件有哪些,他们...

面试阿里p7,被按在地上摩擦,鬼知道我经历了什么?

面试阿里p7被问到的问题(当时我只知道第一个):@Conditional是做什么的?@Conditional多个条件是什么逻辑关系?条件判断在什么时候执...

终于懂了TCP和UDP协议区别

终于懂了TCP和UDP协议区别

你打算用Java 8一辈子都不打算升级到Java 14,真香

我们程序员应该抱着尝鲜、猎奇的心态,否则就容易固步自封,技术停滞不前。

无代码时代来临,程序员如何保住饭碗?

编程语言层出不穷,从最初的机器语言到如今2500种以上的高级语言,程序员们大呼“学到头秃”。程序员一边面临编程语言不断推陈出新,一边面临由于许多代码已存在,程序员编写新应用程序时存在重复“搬砖”的现象。 无代码/低代码编程应运而生。无代码/低代码是一种创建应用的方法,它可以让开发者使用最少的编码知识来快速开发应用程序。开发者通过图形界面中,可视化建模来组装和配置应用程序。这样一来,开发者直...

面试了一个 31 岁程序员,让我有所触动,30岁以上的程序员该何去何从?

最近面试了一个31岁8年经验的程序猿,让我有点感慨,大龄程序猿该何去何从。

大三实习生,字节跳动面经分享,已拿Offer

说实话,自己的算法,我一个不会,太难了吧

程序员垃圾简历长什么样?

已经连续五年参加大厂校招、社招的技术面试工作,简历看的不下于万份 这篇文章会用实例告诉你,什么是差的程序员简历! 疫情快要结束了,各个公司也都开始春招了,作为即将红遍大江南北的新晋UP主,那当然要为小伙伴们做点事(手动狗头)。 就在公众号里公开征简历,义务帮大家看,并一一点评。《启舰:春招在即,义务帮大家看看简历吧》 一石激起千层浪,三天收到两百多封简历。 花光了两个星期的所有空闲时...

《经典算法案例》01-08:如何使用质数设计扫雷(Minesweeper)游戏

我们都玩过Windows操作系统中的经典游戏扫雷(Minesweeper),如果把质数当作一颗雷,那么,表格中红色的数字哪些是雷(质数)?您能找出多少个呢?文中用列表的方式罗列了10000以内的自然数、质数(素数),6的倍数等,方便大家观察质数的分布规律及特性,以便对算法求解有指导意义。另外,判断质数是初学算法,理解算法重要性的一个非常好的案例。

立即提问
相关内容推荐