securityFuns.AcquireCredentialsHandle執行後,返回1312錯誤碼。如下代碼:
#include <schannel.h>
#define SECURITY_WIN32
#include <security.h>
#pragma comment(lib,"crypt32.lib")
int _tmain(int argc, _TCHAR* argv[])
{
HMODULE modSchannel = ::LoadLibrary("SCHANNEL.DLL");
#ifdef UNICODE
INIT_SECURITY_INTERFACE pfInitSecurityInterface = (INIT_SECURITY_INTERFACE)GetProcAddress(modSchannel, "InitSecurityInterfaceW" );
#else
INIT_SECURITY_INTERFACE pfInitSecurityInterface = (INIT_SECURITY_INTERFACE)GetProcAddress(modSchannel, "InitSecurityInterfaceA" );
#endif
PSecurityFunctionTable pSecurityFuns = pfInitSecurityInterface? pfInitSecurityInterface():NULL;
SecurityFunctionTable securityFuns;
::memcpy(&securityFuns, pSecurityFuns, sizeof(securityFuns));
HCERTSTORE hMyCertStore = CertOpenSystemStore(0,_T("ROOT"));
PCCERT_CONTEXT pCertContext = CertFindCertificateInStore(hMyCertStore, PKCS_7_ASN_ENCODING | X509_ASN_ENCODING, 0, CERT_FIND_SUBJECT_STR_A, L"ssltester", NULL);
SCHANNEL_CRED schannelCred;
memset(&schannelCred, 0, sizeof(schannelCred));
schannelCred.cCreds = 1;
schannelCred.paCred = &pCertContext;
// schannelCred.hRootStore = hMyCertStore;
schannelCred.dwFlags = SCH_CRED_NO_SYSTEM_MAPPER|SCH_CRED_REVOCATION_CHECK_CHAIN;
schannelCred.dwVersion = SCHANNEL_CRED_VERSION;
schannelCred.grbitEnabledProtocols = SP_PROT_SSL3TLS1_SERVERS;
TimeStamp lifetime; //證書生存時間
CredHandle hCreds;
SECURITY_STATUS sec_ret = securityFuns.AcquireCredentialsHandle( NULL, UNISP_NAME, SECPKG_CRED_INBOUND, NULL, &schannelCred, NULL, NULL, &hCreds, &lifetime );
unsigned long lErrorCode;
if( sec_ret != SEC_E_OK )
{
lErrorCode = ::GetLastError(); //返回1312錯誤碼
}
else
{
lErrorCode = 0;
}
return 0;
}
經過檢查發現是證書存在異常。問題已經解決。
