为 Linux 配置 OpenSSLConfigure OpenSSL for Linux

使用 1.9.0 之前的任何语音 SDK 版本时,会将 OpenSSL 动态配置为主机系统版本。When using any Speech SDK version before 1.9.0, OpenSSL is dynamically configured to the host-system version. 在更高版本的语音 SDK 中,OpenSSL(版本为 1.1.1 b)会静态链接到语音 SDK 的核心库。In later versions of the Speech SDK, OpenSSL (version 1.1.1b) is statically linked to the core library of the Speech SDK.

若要确保连接性,请验证是否在系统中安装了 OpenSSL 证书。To ensure connectivity, verify that OpenSSL certificates have been installed in your system. 运行命令:Run a command:

openssl version -d

基于 Ubuntu/Debian 的系统上的输出应为:The output on Ubuntu/Debian based systems should be:

OPENSSLDIR: "/usr/lib/ssl"

检查 OPENSSLDIR 下是否存在 certs 子目录。Check whether there is certs subdirectory under OPENSSLDIR. 在上面的示例中,它会是 /usr/lib/ssl/certsIn the example above, it would be /usr/lib/ssl/certs.

  • 如果有 /usr/lib/ssl/certs 并且它包含多个单独的证书文件(扩展名为 .crt.pem),则无需执行进一步的操作。If there is /usr/lib/ssl/certs and it contains many individual certificate files (with .crt or .pem extension), there is no need for further actions.

  • 如果 OPENSSLDIR 不是 /usr/lib/ssl,并且/或者存在单个证书绑定文件而不是多个单独的文件,则需设置相应的 SSL 环境变量来指示可在何处找到证书。If OPENSSLDIR is something else than /usr/lib/ssl and/or there is a single certificate bundle file instead of multiple individual files, you need to set an appropriate SSL environment variable to indicate where the certificates can be found.

示例Examples

  • OPENSSLDIR 为 /opt/sslOPENSSLDIR is /opt/ssl. 存在 certs 子目录,其中包含许多 .crt.pem 文件。There is certs subdirectory with many .crt or .pem files. 在运行使用语音 SDK 的程序之前,请将环境变量 SSL_CERT_DIR 设置为指向 /opt/ssl/certsSet environment variable SSL_CERT_DIR to point at /opt/ssl/certs before running a program that uses the Speech SDK. 例如:For example:
export SSL_CERT_DIR=/opt/ssl/certs
  • OPENSSLDIR 是 /etc/pki/tls(类似于基于 RHEL/CentOS 的系统)。OPENSSLDIR is /etc/pki/tls (like on RHEL/CentOS based systems). 存在 certs 子目录,其中包含证书绑定文件(例如 ca-bundle.crt)。There is certs subdirectory with a certificate bundle file, for example ca-bundle.crt. 在运行使用语音 SDK 的程序之前,请将环境变量 SSL_CERT_FILE 设置为指向该文件。Set environment variable SSL_CERT_FILE to point at that file before running a program that uses the Speech SDK. 例如:For example:
export SSL_CERT_FILE=/etc/pki/tls/certs/ca-bundle.crt

后续步骤Next steps