[Qt-interest] RSA in QT
Serge
mb0 at km.ru
Fri Jan 30 01:37:37 CET 2009
Hi,
> HTTPS is a very good idea. Here is a plan for you:
> 1) store the public key of the server in a ressource
I purchased certificate for server for one year at godaddy.com.
Next year i will need to renew it. May be it will be the other
certificate. If i will store public key in resource of program, program
will stop working if certificate changes.
> 2) before establishing the connection purge the CA list of Qt and put your
> servers public key in as the only CA key - this will make sure that it is
> impossible to communicate with any other server (unless you call
> ignoreSslErrors - don't call it!)
How to do it using QT in code?
I found only 2 examples, working with SSL: network/http, securesocketclient.
They are not changing CA list of QT, as i understand.
> 3) generate another SSL-certificate and put it completely (including
> private and public key) into the ressources
Can i generate myself free self-signed certificate for it, without
purchasing it?
> 4) use the second SSL-cert as client certificate
How to do it in code?
network/http, securesocketclient do not demonstrate it.
In http example QHttp::ConnectionModeHttps is just passed to QHttp object.
No additional processing for SSL.
securesocketclient demonstrates how to read/write raw data without using
http protocol.
How to tell to QHttp, that its QSslSocket must use my client certificate?
> 5) on the server side check the client certificate and refuse
> communication if the wrong or no client certificate is used
How in PHP script read info about client certificate, used for https
connection?
--
Serge
More information about the Qt-interest-old
mailing list