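// 1. Initialize SSL.
//
// NOTE(review): this listing was flattened and partly garbled by extraction;
// the signature is reconstructed as bool init(string &, string &) -- confirm
// against the real source. ssl_ctx, err_bio, ssl, fd, tcp_connected,
// ssl_connected and SetEvent() are declared outside this listing.

/**
 * Create the server SSL_CTX and load the certificate and private key into it.
 *
 * @param certFile  path to the PEM certificate file
 * @param privFile  path to the PEM private-key file
 * @return true when the context is ready; false on any failure, in which case
 *         the partially configured context is freed and ssl_ctx is reset to
 *         NULL so it cannot be used for a handshake by mistake.
 */
bool init(string &certFile, string &privFile)
{
    SSL_load_error_strings();
    if (SSL_library_init() == 0) {
        printf("SSL_library_init failed \n");
        return false;
    }

    ssl_ctx = SSL_CTX_new(SSLv23_method());
    if (ssl_ctx == NULL) {
        printf("SSL_CTX_new failed \n");
        return false;
    }

    // SSLv23_method() negotiates the highest version both peers support, which
    // on older OpenSSL builds still includes SSLv2/SSLv3. Refuse those broken
    // protocols explicitly. (On OpenSSL 1.1.0+ the preferred spelling is
    // SSL_CTX_set_min_proto_version().)
    SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);

    // BIO on fd 2 (stderr); BIO_NOCLOSE leaves the descriptor open when the
    // BIO is freed.
    err_bio = BIO_new_fd(2, BIO_NOCLOSE);

    bool ok = false;
    if (SSL_CTX_use_certificate_file(ssl_ctx, certFile.c_str(), SSL_FILETYPE_PEM) <= 0) {
        printf("SSL_CTX_use_certificate_file %s failed \n", certFile.c_str());
    } else if (SSL_CTX_use_PrivateKey_file(ssl_ctx, privFile.c_str(), SSL_FILETYPE_PEM) <= 0) {
        printf("SSL_CTX_use_PrivateKey_file %s failed \n", privFile.c_str());
    } else if (SSL_CTX_check_private_key(ssl_ctx) == 0) {
        // The loaded key does not match the loaded certificate.
        printf("SSL_CTX_check_private_key failed \n");
    } else {
        ok = true;
    }

    if (!ok) {
        // Do not leave a context without a usable cert/key pair behind.
        SSL_CTX_free(ssl_ctx);
        ssl_ctx = NULL;
        return false;
    }

    printf("SSL inited success\n");
    return true;
}

// 2. Handshake negotiation.

/**
 * Drive the server-side TLS handshake on the non-blocking socket `fd`.
 * Meant to be called again each time the registered event fires.
 *
 * @return  0  handshake complete (ssl_connected is set)
 *         -2  handshake in progress; the event mask has been narrowed to the
 *             direction OpenSSL is waiting for, call again when it fires
 *         -1  fatal error (socket not ready, SSL object setup failed, or the
 *             handshake itself failed)
 */
int SSLHandshake()
{
    // The TCP connection must be usable before any TLS bytes are exchanged.
    if (!tcp_connected) {
        struct pollfd pfd;
        pfd.fd = fd;
        pfd.events = POLLOUT | POLLERR;
        int r = poll(&pfd, 1, 0);
        // Exact comparison: any extra flag (POLLERR, POLLHUP, ...) alongside
        // POLLOUT is treated as a failure.
        if (r == 1 && pfd.revents == POLLOUT) {
            printf("tcp connected fd:%d\n", fd);
            tcp_connected = true;
            // Register both read and write events for the handshake.
            SetEvent(FD_SEND | FD_RECV | FD_CLOSE | FD_ERROR);
        } else {
            printf("poll fd:%d return %d revents %d\n", fd, r, pfd.revents);
            return -1;
        }
    }

    // First call: create the SSL object on top of the established socket.
    if (ssl == NULL) {
        ssl = SSL_new(ssl_ctx);
        if (ssl == NULL) {
            printf("SSL_new failed, fd:%d \n", fd);
            return -1;
        }
        if (SSL_set_fd(ssl, fd) == 0) {
            printf("SSL_set_fd failed fd:%d \n", fd);
            // Without a bound descriptor the handshake cannot proceed; the
            // original only logged here and carried on.
            SSL_free(ssl);
            ssl = NULL;
            return -1;
        }
        printf("SSL_set_accept_state for fd:%d \n", fd);
        SSL_set_accept_state(ssl); // act as the TLS server
    }

    int r = SSL_do_handshake(ssl);
    // Capture errno before any later call can overwrite it.
    int saved_errno = errno;

    // A return value of 1 means the handshake has completed.
    if (r == 1) {
        ssl_connected = true;
        printf("SSL_do_handshake connected success fd:%d\n", fd);
        return 0;
    }

    // Handshake still in progress: keep only the event OpenSSL is waiting on.
    int err = SSL_get_error(ssl, r);
    if (err == SSL_ERROR_WANT_WRITE) {
        // Drop the read event.
        SetEvent(FD_SEND | FD_CLOSE | FD_ERROR);
        printf("SSL_get_error return want write set events, fd:%d \n", fd);
        return -2;
    } else if (err == SSL_ERROR_WANT_READ) {
        // Drop the write event.
        SetEvent(FD_RECV | FD_CLOSE | FD_ERROR);
        printf("SSL_get_error return want read set events, fd:%d \n", fd);
        return -2;
    } else {
        printf("SSL_get_error return %d error %d errno %d msg %s fd:%d \n",
               r, err, saved_errno, strerror(saved_errno), fd);
        return -1;
    }
}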