Unsolved configure custom CA Certs?
-
How can you configure WebEngine to use custom CA certs?
-
https://doc.qt.io/qt-5.15/qtwebengine-overview.html#managing-certificates suggests using the certificateError signals. If this functions like QSslSocket or QNetworkReply, telling the stack to ignore the error results in the certificate being accepted.
The other option is to change "the root CA certificates from the operating system". How that is performed is likely OS specific and may require elevated permission.
-
@jeremy_k said in configure custom CA Certs?:
telling the stack to ignore the error results in the certificate being accepted
please don't do that! you may end up accepting any certificate...
-
@Pablo-J-Rogina said in configure custom CA Certs?:
@jeremy_k said in configure custom CA Certs?:
telling the stack to ignore the error results in the certificate being accepted
please don't do that! you may end up accepting any certificate...
That's the point. Ignore the error for certificates that you wish to accept.
For example, QWebEnginePage::certificateError receives a QWebEngineCertificateError object. Call QWebEngineCertificateError::certificateChain() to get a QList<QSslCertificate>. Examine each one, and defer, ignore, or reject the chain.
-
@jeremy_k
Interesting. So this is only possible with webengineview. Im currently using webview. Is there any down side to switching to webengineview? -
@poncho524 I don't know, for both the question of possibility, and any issues for switching. The documentation mentions OS-specific WebEngine differences, including some cases where WebView uses WebEngine.