Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Setiawan__Johan
Beginner
429 Views

SSL function not declared in scope

i am coding an ssl server. However, whenever i try to make the file, it gives this error.

Enclave/Enclave.cpp: In function ‘SSL_CTX* create_context()’:
Enclave/Enclave.cpp:35:73: error: ‘SSL_load_client_CA_file’ was not declared in this scope
     SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file("client.pem"));
                                                                         ^
Enclave/Enclave.cpp:41:74: error: ‘SSL_CTX_use_certificate_file’ was not declared in this scope
   if (SSL_CTX_use_certificate_file(ctx, "ca.cert.pem", SSL_FILETYPE_PEM) <= 0){
                                                                        ^
Makefile:230: recipe for target 'Enclave/Enclave.o' failed
make: *** [Enclave/Enclave.o] Error 1

This is the function that caused the error.

#include <openssl/ssl.h>
static SSL_CTX *create_context()
{
    const SSL_METHOD *method;
    SSL_CTX *ctx;

    method = TLSv1_2_server_method();

    ctx = SSL_CTX_new(method);
    if (!ctx) {
        printe("Unable to create SSL context");
        exit(EXIT_FAILURE);
    }

   
    SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,NULL);
    
    SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file("client.pem"));
   
    SSL_CTX_load_verify_locations(ctx,"client.pem","/home/sgx/Desktop/Simple_TLS_Server");
    
    if (SSL_CTX_use_certificate_file(ctx, "ca.cert.pem", SSL_FILETYPE_PEM) <= 0){
        printe("error loading server certificate");
        exit(EXIT_FAILURE);
    }
    return ctx;
}

 

 

0 Kudos
1 Reply
Hoang_N_Intel
Employee
429 Views

The best way to solve this problem is to look at the current SGX SSL open source on how it imports the cert into the Enclave and make the call. The source code is at https://github.com/intel/intel-sgx-ssl