[Interest] QSslSocket with a self-signed certificate
Mårten Nordheim
marten.nordheim at qt.io
Thu Nov 22 17:10:28 CET 2018
Does it work if you call setProtocol(QSsl::TlsV1_2) on the client
socket/configuration before connecting?
The PSK emission you see sounds like OpenSSL 1.1.1 with TLS 1.3, but I
don't think it should fail the handshake, or at least don't remember
seeing it do that.
- Mårten
On 22.11.2018 13:09, Konstantin Shegunov wrote:
> Hello,
> I'm struggling to get an SSL connection established between a server and
> a client of mine using a self-signed certificate. The SSL handshake
> fails but I can't seem to find out why. Here's what I did:
>
> For the server:
>
> 1) I generated a key and certificate.
> 2) I've set them to the socket like this:
> socket->setPrivateKey(keyFile);
> socket->setLocalCertificate(certificateFile);
> 3) I call QSslSocket::startServerEncryption to get the handshake
> rolling.
>
>
> For the client:
>
> 1) I used the server's certificate and loaded it (verified it loads
> properly).
> 2) I set it to the socket with QSslSocket::addCaCertificate.
> 3) I call QSslSocket::startClientEncryption.
>
>
> The problem is the client drops the connection with
> QAbstractSocket::SslHandshakeFailedError, however I get nothing from the
> QSslSocket::sslErrors signal (also nada from the method).
>
> I observed, however, that the client socket raises the
> QSslSocket::preSharedKeyAuthenticationRequired for some reason. As I
> don't really handle this one (only debug output) I imagine this is the
> reason the handshake fails. Nonetheless, I thought a PSK authentication
> shouldn't be required whenever I provide a key and a certificate
> server-side.
>
> Any ideas why is this failing and how to solve it?
>
> Thanks in advance!
> Kind regards.
>
>
>
>
> _______________________________________________
> Interest mailing list
> Interest at lists.qt-project.org
> https://lists.qt-project.org/listinfo/interest
>
More information about the Interest
mailing list