为 Linux 配置 OpenSSLConfigure OpenSSL for Linux
使用 1.9.0 之前的任何语音 SDK 版本时,会将 OpenSSL 动态配置为主机系统版本。When using any Speech SDK version before 1.9.0, OpenSSL is dynamically configured to the host-system version. 在更高版本的语音 SDK 中,OpenSSL(版本为 1.1.1 b)会静态链接到语音 SDK 的核心库。In later versions of the Speech SDK, OpenSSL (version 1.1.1b) is statically linked to the core library of the Speech SDK.
若要确保连接性,请验证是否在系统中安装了 OpenSSL 证书。To ensure connectivity, verify that OpenSSL certificates have been installed in your system. 运行命令:Run a command:
openssl version -d
基于 Ubuntu/Debian 的系统上的输出应为:The output on Ubuntu/Debian based systems should be:
OPENSSLDIR: "/usr/lib/ssl"
检查 OPENSSLDIR 下是否存在 certs 子目录。Check whether there is certs subdirectory under OPENSSLDIR. 在上面的示例中,它会是 /usr/lib/ssl/certs。In the example above, it would be /usr/lib/ssl/certs.
如果有
/usr/lib/ssl/certs并且它包含多个单独的证书文件(扩展名为.crt或.pem),则无需执行进一步的操作。If there is/usr/lib/ssl/certsand it contains many individual certificate files (with.crtor.pemextension), there is no need for further actions.如果 OPENSSLDIR 不是
/usr/lib/ssl,并且/或者存在单个证书绑定文件而不是多个单独的文件,则需设置相应的 SSL 环境变量来指示可在何处找到证书。If OPENSSLDIR is something else than/usr/lib/ssland/or there is a single certificate bundle file instead of multiple individual files, you need to set an appropriate SSL environment variable to indicate where the certificates can be found.
示例Examples
- OPENSSLDIR 为
/opt/ssl。OPENSSLDIR is/opt/ssl. 存在certs子目录,其中包含许多.crt或.pem文件。There iscertssubdirectory with many.crtor.pemfiles. 在运行使用语音 SDK 的程序之前,请将环境变量SSL_CERT_DIR设置为指向/opt/ssl/certs。Set environment variableSSL_CERT_DIRto point at/opt/ssl/certsbefore running a program that uses the Speech SDK. 例如:For example:
export SSL_CERT_DIR=/opt/ssl/certs
- OPENSSLDIR 是
/etc/pki/tls(类似于基于 RHEL/CentOS 的系统)。OPENSSLDIR is/etc/pki/tls(like on RHEL/CentOS based systems). 存在certs子目录,其中包含证书绑定文件(例如ca-bundle.crt)。There iscertssubdirectory with a certificate bundle file, for exampleca-bundle.crt. 在运行使用语音 SDK 的程序之前,请将环境变量SSL_CERT_FILE设置为指向该文件。Set environment variableSSL_CERT_FILEto point at that file before running a program that uses the Speech SDK. 例如:For example:
export SSL_CERT_FILE=/etc/pki/tls/certs/ca-bundle.crt