Important: Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct
macOS10.15.4, "The root CA certificate is not trusted for this purpose"
jonaspeter last edited by jonaspeter
I have a problem with Qt5.12.8 accepting certificates on macOS 10.15.4.
We are building a software stack, where we use the QNetworkAccessManager in order to connect to a server.
If i want to run it, it gets me "The root CA certificate is not trusted for this purpose" (error code 17). I am sure that the certificate is the correct one, because if I run everything on windows 10 or macOS10.14.x it works like a charm. The certificate iteslf is not a self-signed certificate but a certificate signed by a (apple)-trusted authority.
What I have done so far:
- google, google, google, but unfortuately I did not get a solution...
- I installed the newest (1.1.1g) openssl with brew and linked it to /usr/bin/openssl in order to make it the system default.
- I tried a combination of this (https://stackoverflow.com/questions/13093025/qt-on-osx-10-5-8-the-root-ca-certificate-is-not-trusted-for-this-purpose) "solution" and this post (https://forum.qt.io/topic/55853/openssl-and-mac-os-x/7) where I build my Qtlibraries from source, not linked with openssl, but with the mac-specific SecureTransport.
And that's about it, I do not have any other idea.
Does anyone has a hint in which direction I can search furhter?
Pleas hit me up if you need any further specifications
Thank you very much
Hi and welcome to devnet,
Please check QTBUG-65002, the last comment might give another clue why it is happening.
Janine last edited by
@jonaspeter did you ever figure this out? I am having the same problem on macOS 10.15.7 with Qt5.15.1
Alexey Matal last edited by
First time I got this problem in QML in XmlHttpRequest. XmlHttpRequest so
silently gave an empty responseText.
After few hours of searching solution I tried to create test application with raw QNAM in Qt (C++) - an got the same error...
In system cert-policy I set the "always trust" for this cert.
Any solution? :(
From what I understand, you certificate might be considered as weak so SecureTransport rejects it.