c++ - Qt QSslSocket "The certificate is self-signed, and untrusted" -
i want connect server qsslsocket , on server soketsslerror "the certificate self-signed, , untrusted" , dont understand why have error.
on first step generated file server , client openssl
$openssl req -new -newkey rsa:1024 -keyout ca.key -x509 -days 500 -out ca.crt $openssl req -new -newkey rsa:1024 -keyout client01.key -out client01.csr $openssl ca -config ca.config -in client01.csr -out client01.crt -batch in c++ server / client
on server:
start server
if (listen(qhostaddress::any,this->connectingport)) { std::cout<<"server start on port: "<<this->connectingport<<std::endl; return true; } else { std::cout<<"cant start server. "<<errorstring().tostdstring().c_str()<<std::endl; return false; } incomingconnection
qfile keyfile("ca.key"); if (!keyfile.open(qiodevice::readonly)) { delete this->sslsocket; qdebug()<<"cant open file: "<<keyfile.filename(); return false; } qbytearray pasp ="qwerty"; qsslkey key(keyfile.readall(),qssl::rsa,qssl::pem,qssl::privatekey,pasp); if (key.isnull()) { delete this->sslsocket; qdebug()<<"key in file "<<keyfile.filename()<<" empty"; return false; } keyfile.close(); this->sslsocket->setprivatekey(key); this->sslsocket->setpeerverifymode(qsslsocket::verifypeer); this->sslsocket->setlocalcertificate("ca.crt"); this->sslsocket->startserverencryption(); on client side:
this->sslsocket->setpeerverifymode(qsslsocket::verifypeer); qfile keyfile("client01.key"); if (!keyfile.open(qiodevice::readonly)) { delete this->sslsocket; qdebug()<<"cant open file: "<<keyfile.filename(); return ; } qbytearray pasp ="qwerty"; qsslkey key(keyfile.readall(),qssl::rsa,qssl::pem,qssl::privatekey,pasp); if (key.isnull()) { delete this->sslsocket; qdebug()<<"key in file "<<keyfile.filename()<<" empty"; return ; } keyfile.close(); this->sslsocket->setprivatekey(key); this->sslsocket->setlocalcertificate("client01.crt"); this->sslsocket->connecttohostencrypted("192.168.0.10",1258); if (!this->sslsocket->waitforencrypted()) { qdebug()<<"error: "<<sslsocket->errorstring(); } and when connecting client on server error
soket ssl error "the certificate self-signed, , untrusted" "the certificate self-signed, , untrusted" socketerror: qabstractsocket::socketerror( 13 ) any idea wrong?
update:
qt creator 3.0.1 based on qt 5.2.1 (gcc 4.8.2, 64 bit)
i suggest try on server:
qlist<qsslcertificate> cert = qsslcertificate::frompath(qlatin1string("your-certificate.pem")); qsslerror error(qsslerror::selfsignedcertificate, cert.at(0)); qlist<qsslerror> expectedsslerrors; expectedsslerrors.append(error); this->sslsocket.ignoresslerrors(expectedsslerrors);
Comments
Post a Comment