Important: Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

How to read-out the informations in SSL certificates ?



  • Hello, i have prolblem by read out informations like CountryName. ... in a cert.
    here is some code, which i have done so far.

            QNetworkProxyFactory::setUseSystemConfiguration(true);
    
            QMessageBox::information(window(),
            tr("Information"),
            tr("Please select a folder with ca certificates."));
            //
            QString dir = QFileDialog::getExistingDirectory(
                this, tr("Open Directory"),
                QDir::homePath(),
                QFileDialog::ShowDirsOnly |
                QFileDialog::DontResolveSymlinks);
    
            if (dir.trimmed().length() < 2)
                dir = "/tmp";
    
            // ca certs ...
            QFileInfo fkey(QString("%1/ca.key.pem").arg(dir));
            QFileInfo fcrt(QString("%1/ca.crt.pem").arg(dir));
    
            if (!fkey.exists()) { QMessageBox::warning(window(),tr("Error"),tr("ca.key.pem not found.")); return; }
            if (!fcrt.exists()) { QMessageBox::warning(window(),tr("Error"),tr("ca.crt.pem not found.")); return; }
    
            QFile keyFile(QString("%1/ca.key.pem").arg(dir));
            QFile crtFile(QString("%1/ca.crt.pem").arg(dir));
    
            if (!keyFile.open(QIODevice::ReadOnly)) { QMessageBox::warning(window(),tr("ERROR"),tr("ca.key.pem not found.")); return; }
            if (!crtFile.open(QIODevice::ReadOnly)) { QMessageBox::warning(window(),tr("ERROR"),tr("ca.crt.pem not found.")); return; }
    
            const QByteArray keyBytes = keyFile.readAll();
            const QByteArray crtBytes = crtFile.readAll();
    
            if (keyBytes.trimmed().length() < 2) { msgError(1); return; }
            if (crtBytes.trimmed().length() < 2) { msgError(2); return; }
    
            QSslCertificate keyCert(keyBytes);
            QSslCertificate crtCert(crtBytes);
    
            QByteArray pass = "test";
            QSslKey privateKey(keyBytes,QSsl::Rsa,QSsl::Pem,QSsl::PrivateKey, pass);
            if (privateKey.isNull()) {
                QMessageBox::warning(window(),
                tr("Error"),
                tr("private key error."));
                return;
            }   else {
                QMessageBox::warning(window(),
                tr("info"),
                tr("private key ok"));
            }
    
            QSslConfiguration sslConfiguration;
    
            sslConfiguration.setPrivateKey(privateKey);
            sslConfiguration.setLocalCertificate(crtCert);
            sslConfiguration.setProtocol(QSsl::TlsV1_0);
    
            // fake test ...
            QNetworkAccessManager networkAccessManager;
            QNetworkRequest       networkRequest(QUrl("https://www.google.com/"));
            QNetworkReply *       networkReply
            = networkAccessManager.get(networkRequest);
    
            QEventLoop loop;
            QObject::connect(
                &networkAccessManager,
                &QNetworkAccessManager::finished,
                &loop,
                &QEventLoop::quit);
            loop.exec();
    
            if (networkReply->error() > 0) {
                QMessageBox::information(window(),tr("info"),
                QString("code: %1\nerror: %2")
                .arg(networkReply->error())
                .arg(networkReply->errorString()));
                delete networkReply;
                return;
            }
    
            delete networkReply;
    
            keyFile.close();
            crtFile.close();
    
            QMessageBox::warning(window(),
            tr("Error"),
            QString("cert: %1").arg(keyCert.expiryDate().toString()));
            return;
    

Log in to reply