[Interest] wss:// on localhost

Alexander Carôt alexander_carot at gmx.net
Tue Jul 21 10:07:45 CEST 2020 

> I don't see how that affects anything. Are you saying you can't update the 
> application? If you can't update the application, how are you going to apply 
> the fixes we're discussing here?


Misunderstanding :-) Of course I apply application updates in more or less regular intervals of several weeks. 


> If you meant that they aren't able to generate the certificate, let me clarify 
> that I meant the application should do that automatically.


That was the misunderstanding - I thought you wanted each user to generate it manually.


> There needs to be 
> no user interaction. The certificate is just something that the WebSocket 
> client and server agree upon before start, like the port number. I mentioned 
> "every few months" just so you don't incur the penalty of the generation on 
> every start.


So far I assumed that it is impossible to generate a localhost certificate which runs on any other machine's localhost as well and it brings me to the next question:


How do I generate the required CRT and KEY - File for localhost which shall work on every other client's localhost.

Sorry if the solution might be trivial - I am simply completely unexperienced in terms of securiry :-)

Thanks a lot again in advance

Alex
 

--
http://www.carot.de
Email : Alexander at Carot.de
Tel.: +49 (0)177 5719797


> Gesendet: Montag, 20. Juli 2020 um 16:40 Uhr
> Von: "Thiago Macieira" <thiago.macieira at intel.com>
> An: interest at qt-project.org
> Betreff: Re: [Interest] wss:// on localhost
>
> On Monday, 20 July 2020 01:57:31 PDT Alexander Carôt wrote:
> > The problem is that my application currently has a daily pageview of > 1000
> > and a user base of more than 10.000 - most of the user are non-tech-sage so
> > I need the most simply solution.
> 
> I don't see how that affects anything. Are you saying you can't update the 
> application? If you can't update the application, how are you going to apply 
> the fixes we're discussing here?
> 
> If you meant that they aren't able to generate the certificate, let me clarify 
> that I meant the application should do that automatically. There needs to be 
> no user interaction. The certificate is just something that the WebSocket 
> client and server agree upon before start, like the port number. I mentioned 
> "every few months" just so you don't incur the penalty of the generation on 
> every start.
> 
> -- 
> Thiago Macieira - thiago.macieira (AT) intel.com
>   Software Architect - Intel System Software Products
> 
> 
> 
> _______________________________________________
> Interest mailing list
> Interest at qt-project.org
> https://lists.qt-project.org/listinfo/interest
>

More information about the Interest mailing list