[Interest] macOS: troubles using my own CA

Alexander Dyagilev alervdvcw at gmail.com
Tue Jul 19 21:52:10 CEST 2022


Accidentally, found the solution for this issue:

|// This avoids using the default keychain for SSL, which may cause // 
password prompts on macOS. qputenv("QT_SSL_USE_TEMPORARY_KEYCHAIN", "1");|

On 7/12/2022 11:21 AM, Alexander Dyagilev wrote:
> Hello,
> I'm on macOS Big Sur 11.5.1.
> First, I must say, that there are NO problems when I use Qt 6.3.0.
> But, I HAVE TO use Qt 5.12.12, so please if anyone know something that 
> can help - please help :)
> I have my own server, written on Qt, on SSL sockets, with my own CA 
> certificate. I install it using 
> QSslConfiguration::setCaCertificates({myCaCert}). I don't use it 
> widely, only for the socket which is to communicate with my server.
> All is working fine under Windows/Linux/Android. But, when it comes to 
> macOS, I'm getting this socket error (when connecting to my server): 
> "the root ca certificate is not trusted for this purpose".
> OK, I've made my own security check function as a workaround, which 
> calls ignoreSslErrors(). And it started to work. BUT. My question is 
> not about this. I've got a second problem after this:
> While I launch the same binary - all is OK. But if I modify it (so 
> this would happen for our users after we update our app next time), 
> I'm getting this strange message:
> Again, if, after that, I build app using Qt 6.3.0 and launch it - this 
> message never appears.
> So, this must be an issue with Qt 5.12. What I want to ask for: is 
> there any known workaround to suppress this message under Qt 5.12.12?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.qt-project.org/pipermail/interest/attachments/20220719/f266e74f/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0qsEjVIVbphbtaS4.png
Type: image/png
Size: 19481 bytes
Desc: not available
URL: <http://lists.qt-project.org/pipermail/interest/attachments/20220719/f266e74f/attachment.png>

More information about the Interest mailing list