[Interest] Qt ssh root ca bundle

Thiago Macieira thiago.macieira at intel.com
Tue Apr 17 14:37:36 CEST 2012


On terça-feira, 17 de abril de 2012 08.52.18, ynon perek wrote:
> Hi All,
> I'm trying to get QtWebkit to work nicely with ssh. It usually does so
> out-of-the-box but the problem is for some machines it does not.
> 
> On the problematic machines, an SSL error signal is sent.
> If I print the errors to a log file I get the error code: QSslError::NoError
> 
> I suspect it had something to do with old certificate files on the
> machines, so I tried bunding my own root ca (which works well in
> curl/wget). Here's the code I use to tell Qt to use my root CAs:
> 
>     QString capath = LicenseUtils::adjustPath(":/ca-bundle.crt");
>     if ( QFile::exists(capath) )
>     {
>         QList<QSslCertificate> cacerts = QSslCertificate::fromPath(capath);
>         QSslSocket::setDefaultCaCertificates(cacerts);
> 
>         QLOG_INFO() << "[Main] Using certs bundle";
>     }
> 
> Unfortunately, this still doesn't work.
> 
> Any ideas how to find out what's wrong and/or fix it ?

How many certificates do you get from that? If the list contains fewer 
certificates than the ones in the file, you've got a parsing error.

Also, can you show us the code that gets the errors?

-- 
Thiago Macieira - thiago.macieira (AT) intel.com
  Software Architect - Intel Open Source Technology Center
     Intel Sweden AB - Registration Number: 556189-6027
     Knarrarnäsgatan 15, 164 40 Kista, Stockholm, Sweden
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.qt-project.org/pipermail/interest/attachments/20120417/2223d5e4/attachment.sig>


More information about the Interest mailing list