Unsolved https request with self signed certificate
-
Hello everyone
I would like to make a https get request to a server which has a self signed certificate. When I do the request with curl it looks like this and it returns the correct values:
curl -G -k -H 'Accept: application/json' -H "Authorization: Bearer ${AuthoToken}" https://123.123.123.123:xx/api/users
The AuthoToken is stored in an environment variable.
Ho can I implement this in my Qt Application? I tried around for several hours with QNetworkRequest and QSslSocket, but somehow I cannot figure out how to get it working. The certificate of the server looks something like this. I copied it into a cert.pem file.
-----BEGIN CERTIFICATE----- MIIFozCCA4ugAwIBAgIJAJlqb0yOOzbYMA0GCSqGSIb3DQEBDAUAMGQxCzAJBgNV BAYTAmNoMRgwFgYDVQQDDA92ei1hcmNhLTEubG9jYWwxFTATBgNVBAoMDEFSQ0FU cnVzdCBTQTEkMCIGA1UECwwbYXJjYS0wLjAuMC4wIGdlbmVyYXRlZCBjZXJ0MB4X DTE5MDMyMjExNTAyOVoXDTIwMDMyMTExNTAyOVowZDELMAkGA1UEBhMCY2gxGDAW BgNVBAMMD3Z6LWFyY2EtMS5sb2NhbDEVMBMGA1UECgwMQVJDQVRydXN0IFNBMSQw IgYDVQQLDBthcmNhLTAuMC4wLjAgZ2VuZXJhdGVkIGNlcnQwggIiMA0GCSqGSIb3 DQEBAQUAA4ICDwAwggIKAoICAQCbGyFGKZCMvfgNZL/Q5RwYVpWTdNYfPTZdkfnn /4beMdhAF00yQF3bK8dbYaReJ+9x/fOZ1KdnqVkQoiDNoNNfx9GJHSZKO5tg1yep 21dInG3K8Zu+Ror7//J5jxMyd9KfAFbDfydRvOiyCQIhxfu6/BnpHdGzHYmhjhsD uYdblMHhetzhip3WQJqw51mp3Mr86okpAnoev3kWDTtfR+fKhIcLJCt7fIyyIzh4 A7/GydogOA3rLyK/y8YFytP+aTVVtmOYHZkFl/4TU1HKDKOsa2uq+YxuW6d0kd4+ ymBfgaTxpMEbOSJoSf+lYX7Fmn722baljO/rV2n/cwbGH/FLHaANzETJ8UpVutNv wq4NgFr6qaDl2wOJdH+JMp6Q+4R+EfEbut08auSJEtfh4enf1VYdPcBuSr4XZy1i 1r3o3eR0J5HzcDtLPWXGe1GXFHSRmGIobPLiFVeTclQNOleTq2EW9Xdnl+AdvRke WEnVA3g9XFf+jqLWLa8yAQ7U++wRiua/SuBuyDxzSVIlXOe6CcK7mZQVkoDTe9i2 EyUcKFYC6HYhxfccmwwyrG29WykSpnkQArBEyD6L9MdN7mb428IXcGVIxbZfxTpm zN52Q/dFFY8R0bkzDQtZM02luadsfpzl9gXfq5itqlhE4uIBWSIv36rVvOnRMMHxLoFJ RDSQ9wIDAQABo1gwVjBUBgNVHREETTBLgglsb2NhbGhvc3SCD3Z6LWFyY2EtMS5s b2NhbIIJdnotYXJjYS0xhxAAAAAAAAAAAAAAAAAAAAABhwR/AAABhwQKFAJlhwSp /qn+MA0GCSqGSIb3DQEBDAUAA4ICAQAlSaON4Qbo9c/CNtlP3jMke1oh4m7vqLGa RcuqOXWGaRIdZ7Hl9uuIylasdadfLIwCne9hQYJ+XuEO965IXulUEV/AezVrUvbvDX2g9l fEb2bHGfT9R6zDp5w7gO0QkXrBasdfHrz8tOSEW+GHewvLNGjysFR2R3gq07pJFESMHg KrJkO2AOgaOyUMl4yuPDmMUjZt9b8KgF6bhvLxZgSBsgNBGxCGTAanQ1AAVFLk/3 fAyYt85Ao7NpFLkDLBAkBHrp8GepZnFzUk891pWkxHgbDsu4Es6H52RzhTRjfFuu un0mjauWhlvFDf0jq8+sjVS8lQ0wctJ0Mt7zSjA7FinOmv8rxhrOY0MvscTZ9v5X sDmJat5+XvPPoof1+TdpXeOoHfNbNv0CSXTQtbHuA6vQIejY9lNDMPqwyN7kzjd/ BsgH7v35rMUNi6/Fb+ofrzI3OpzGWiQwEZ+xqAzkfB7nNrAVa8SGpv7ifFG0W97A 4IOQ8HsVYv8iQuSQ/L5L0NpBQKptaAaHbYOwkcdCelCQ++JP11Q7xei5c4CFj37H byj+tXrTRfg9zWmpAts6Tg9gXDasdf6gdF98+fzIIa21Sw/469+c1APx15YC+A5PBb/H Dgf9olHEOL1ZF9PXVM+uJl8ZX7xAasfdY6CCV4jMuKOd0iQ9dDvdavHOaARGW+VxpdE2 b2iudep5VQ== -----END CERTIFICATE-----
The request should return a JSON Object which I can process in my application.
openSSL seem to work. When I call:
qDebug() << "openSSL Version:" << QSslSocket::sslLibraryBuildVersionString();
I get the following output:
openSSL Version: "OpenSSL 1.1.1c 28 May 2019"
Thanks for your help
-
Hi,
What exact error are you getting from the socket ?
-
That is my test applikation:
MainWindow::MainWindow(QWidget *parent) : QMainWindow(parent), ui(new Ui::MainWindow) { ui->setupUi(this); qDebug() << "openSSL Version:" << QSslSocket::sslLibraryBuildVersionString(); QSslSocket *socket = new QSslSocket(this); connect(socket, SIGNAL(encrypted()), this, SLOT(ready())); QString certPath = "/home/xyz/src/qtsrc-5.13/socket/cert.pem.txt"; QSslCertificate certificate = getCertificate(certPath); QList<QSslCertificate> certificates; certificates << certificate; socket->addCaCertificate(certificate); QSslConfiguration config = socket->sslConfiguration(); QList<QSslCertificate> sockeCertificates = config.caCertificates(); qDebug() << "Number of Certificates" << sockeCertificates.size(); qDebug() << "isNull:" << sockeCertificates.at(0).isNull(); qDebug() << "isSelfSigned:" << sockeCertificates.at(0).isSelfSigned(); /* config.setCaCertificates(certificates); socket->setSslConfiguration(config); */ socket->connectToHostEncrypted("1.1.1.1", 1163); if (!socket->waitForEncrypted()) { qDebug() << "Socket Error:" << socket->errorString(); } socket->write("GET / HTTP/1.0\r\n\r\n"); while (socket->waitForReadyRead()) qDebug() << socket->readAll().data(); } MainWindow::~MainWindow() { delete ui; } void MainWindow::ready() { qDebug() << "Ready"; } QSslCertificate MainWindow::getCertificate(const QString filePath) { QFile certFile(filePath); QByteArray certArray; if (certFile.open(QIODevice::ReadOnly | QIODevice::Text)) { while (!certFile.atEnd()) { QByteArray line = certFile.readLine().trimmed(); certArray.append(line); } } return QSslCertificate(certArray); }
And the is the output:
openSSL Version: "OpenSSL 1.1.1c 28 May 2019" Number of Certificates 1 isNull: true isSelfSigned: false Socket Error: "Der Name des Hosts ist keiner aus der Liste der für dieses Zertifikat gültigen Hosts"
I'm not quite sure how to setup the certificate which I got from the server.