[Qt-interest] Problems with CAFile using QSslSocket
Eduardo Robles Elvira
edulix at gmail.com
Sun Jul 25 09:38:28 CEST 2010
On Sat, Jul 24, 2010 at 4:24 AM, Tony Rietwyk
<tony.rietwyk at rightsoft.com.au> wrote:
> Welcome to the list!
>
> Qt gets a predefined list of root certificates from somewhere. That list
> may not include your certificate's referrer - sorry I'm not sure what the
> correct terminology is. Here is the code I used to work around the problem
> by adding the referrer, and debug the default list:
>
> // Load up root certificate for our web certificate.... it's not
> included in Qt default list
> QFile certFile( ":/misc/AddTrustExternalCARoot.crt" );
> if (certFile.open( QIODevice::ReadOnly ))
> rootCertificate = new QSslCertificate( &certFile, QSsl::Pem
> );
>
> certFile.close();
>
> QSslConfiguration *sslConfig = new QSslConfiguration(
> QSslConfiguration::defaultConfiguration() );
>
> QList<QSslCertificate> *caCerts = new QList<QSslCertificate>(
> sslConfig->caCertificates() );
>
> if (rootCertificate->isValid())
> {
> caCerts->append( *rootCertificate );
> sslConfig->setCaCertificates( *caCerts );
> QSslConfiguration::setDefaultConfiguration( *sslConfig );
> }
>
> #ifndef QT_NO_DEBUG
> int x_end = caCerts->count();
> qDebug() << "caCerts.count" << x_end;
> for( int x = 0; x < x_end; ++x )
> qDebug() << "caCert" << x
> << ": Org" <<
> caCerts->at(x).issuerInfo(QSslCertificate::Organization)
> << "ComNam:" <<
> caCerts->at(x).issuerInfo(QSslCertificate::CommonName)
> << "Country: " <<
> caCerts->at(x).issuerInfo(QSslCertificate::CountryName);
> #endif
>
> Hope that helps,
>
> Tony.
Thanks Tony! It worked beautifully =)
More information about the Qt-interest-old
mailing list