I’m attempting to use ofURLFileLoader::handleRequest to make some basic GET and POST requests. I get an SSL connection error whenever I make a request to an https url. Is this the intended behavior? If so, is there another simple way to make https requests using this class?
A note: If I change line 183 in ofURLFileLoader.cpp from
curl_easy_setopt(curl.get(), CURLOPT_SSL_VERIFYHOST, 0);
curl_easy_setopt(curl.get(), CURLOPT_SSL_VERIFYHOST, 2);
the request works and I no longer get the error. I’d rather not modify parts of the built-in OF code if possible, though.
Using 2 for that option seems the most correct from the docs. using 0 should be less restrictive indeed so not sure why it would fail. in any case if using 2 works better can you send a pull request with that change to github?
Ok will do.
I agree that it’s weird that 0 doesn’t work. I don’t know enough about SSL-related things to really be confident in an answer however. Perhaps the endpoint you’re connecting to will reject certain connections based on a policy like this.
I’m on a mac, so this part of the documentation here might be relevant:
DarwinSSL: If verify value is 0, then SNI is also disabled. SNI is a TLS extension that sends the hostname to the server. The server may use that information to do such things as sending back a specific certificate for the hostname, or forwarding the request to a specific origin server. Some hostnames may be inaccessible if SNI is not sent.