C++ WinHttp安全证书验证设置

在C++中，使用WinHttp库进行HTTP请求时，可能需要对服务器的SSL/TLS证书进行验证

以下是一个示例代码，展示了如何在C++中使用WinHttp库进行安全证书验证设置：

#include<Windows.h>
#include <WinHttp.h>
#include<iostream>

int main() {
    // 初始化WinHttp
    HINTERNET hSession = WinHttpOpen(L"MyUserAgent", WINHTTP_ACCESS_TYPE_DEFAULT_PROXY, WINHTTP_NO_PROXY_NAME, WINHTTP_NO_PROXY_BYPASS, 0);
    if (!hSession) {
        std::cerr << "WinHttpOpen failed: "<< GetLastError()<< std::endl;
        return 1;
    }

    // 连接到服务器
    HINTERNET hConnect = WinHttpConnect(hSession, L"example.com", INTERNET_DEFAULT_HTTPS_PORT, 0);
    if (!hConnect) {
        std::cerr << "WinHttpConnect failed: "<< GetLastError()<< std::endl;
        WinHttpCloseHandle(hSession);
        return 1;
    }

    // 创建请求
    HINTERNET hRequest = WinHttpOpenRequest(hConnect, L"GET", L"/", NULL, WINHTTP_NO_REFERER, WINHTTP_DEFAULT_ACCEPT_TYPES, WINHTTP_FLAG_SECURE);
    if (!hRequest) {
        std::cerr << "WinHttpOpenRequest failed: "<< GetLastError()<< std::endl;
        WinHttpCloseHandle(hConnect);
        WinHttpCloseHandle(hSession);
        return 1;
    }

    // 设置安全证书验证选项
    DWORD dwOption = SECURITY_FLAG_IGNORE_UNKNOWN_CA | SECURITY_FLAG_IGNORE_CERT_DATE_INVALID | SECURITY_FLAG_IGNORE_CERT_CN_INVALID | SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE;
    if (!WinHttpSetOption(hRequest, WINHTTP_OPTION_SECURITY_FLAGS, &dwOption, sizeof(dwOption))) {
        std::cerr << "WinHttpSetOption failed: "<< GetLastError()<< std::endl;
        WinHttpCloseHandle(hRequest);
        WinHttpCloseHandle(hConnect);
        WinHttpCloseHandle(hSession);
        return 1;
    }

    // 发送请求
    if (!WinHttpSendRequest(hRequest, WINHTTP_NO_ADDITIONAL_HEADERS, 0, WINHTTP_NO_REQUEST_DATA, 0, 0, 0)) {
        std::cerr << "WinHttpSendRequest failed: "<< GetLastError()<< std::endl;
        WinHttpCloseHandle(hRequest);
        WinHttpCloseHandle(hConnect);
        WinHttpCloseHandle(hSession);
        return 1;
    }

    // 接收响应
    if (!WinHttpReceiveResponse(hRequest, NULL)) {
        std::cerr << "WinHttpReceiveResponse failed: "<< GetLastError()<< std::endl;
        WinHttpCloseHandle(hRequest);
        WinHttpCloseHandle(hConnect);
        WinHttpCloseHandle(hSession);
        return 1;
    }

    // 处理响应
    // ...

    // 清理资源
    WinHttpCloseHandle(hRequest);
    WinHttpCloseHandle(hConnect);
    WinHttpCloseHandle(hSession);

    return 0;
}

在这个示例中，我们设置了WINHTTP_OPTION_SECURITY_FLAGS选项，忽略了未知的CA、证书日期无效、证书CN无效和证书用途不正确的错误。这些选项可以根据实际需求进行调整。

请注意，这个示例仅用于演示目的，实际应用中应该根据需要进行适当的错误处理和资源管理。