The handshake is the process that establishes the secure connection, in Qt QSslSocket::connectToHostEncrypted and QSslSocket::startServerEncryption take care of the handshake. The "Hello Word" sent across is just normal TCP communication that could be done even without encryption (i.e. using QTcpSocket)
and why does it crash?
What is the value of incoming QNetworkReply* ?
Are you doing any fancy deletes?
in your CustomNetworkManagerFactory::create() you get a QObject* passed as a parent for the QNAM to create. But you set the parent to the this pointer instead.
it would be cleaner not to couple the created QNAM with your factory class by connecting signals and slots of them. Instead you should subclass QNAM, move the onIgnoreSSLErrors() slot to it and connect it to itself instead.
you are overwriting your local m_networkManager member variable everytime create() is called. Which doesn't go along with a factory implementation ;)
I don't know if this already solves your crash, it may be.
I currently have a very similar problem. I'm implementing a send mail client which should gracefully fall back to an unencrypted connection if encryption fails (and the user has decided to go ahead anyway). For that purpose I've connected to the QAbstractSocket::error() signal.
While I do get the signal it's ultimately moot since the code in question (QSslSocketBackendPrivate::startHandshake() in qsslsocket_openssl.cpp) immediately closes the socket by calling QSslSocket::abort() after emitting the signal. Because of that calling QSslSocket::ignoreSslErrors() is never an option.
I currently have no workaround in place. Maybe the only solution is to connect to the disconnected() signal and then check whether the connection was closed because of a handshake error. If it was, then open a new unencrypted socket/connection. I'm open to suggestions, though... :-)
On Client-Side and on Server-Side i provide the following:
Private key of the certificate
Public key of the certificate
Public key of the CA
An connection is established. I am getting an SSLError: "The certificate is self-signed and untrusted", but i can either ignore it using ignoreSslErrors(); or the better method is by comparing the certificates to make sure it's all good.
Also i have re-created my certificates and my CA with the correct information, because I haven't provided the CN for localhost since i was testing on my local machine with my old certificates.
Anyways, the communication works with correct certificates.
The QT client can connect to the server with wss.
The Webclient can't connect to the server with wss. But an echo test to "wss://echo.websocket.org" is successfully, so the browser is okay. The question is, what's the difference between Qt secure websocket and the other solutions? Is it may some different SSL/TSL config?
I'm using QSsl::TlsV1SslV3
Don't copy these DLLs, unless it has changed over time, Qt Creator is build with MSVC and you have a MinGW Qt build. You should rather get the official OpenSSL package and install that one to use with your application.
Thank you very much, I used the work-around they proposed
(storing a copy of the certificate in the local resources of the app & adding that to the default CACertificate list before opening the socket)
I'm afraid this won't be a clean long term solution though (the certificate will stay valid for a while, but eventually expires I guess).
If anyone has any idea's for a more clean/permanent solution I'm very much open to suggestions.
In the mean time this will have to do.
Thanks again, I appreciate the comment
I too had the same requirement. Looking further into I found out that the slot for onIgnoreSslErrors was never called as it is required for Self Signed Certificates and which cause these SSL errors.
So actually the request needs to modified a bit which could be done by re-implementing createRequest
Thus in QNAM subclassed class: