4. qml websocket (wss) self signed certificate

qml websocket (wss) self signed certificate


  • Hello,
    I would like to test my APP which using websocket in qml .
    For test I created self signed certificate and now I need to load this cert to qml.
    How to make it easily? Some C++ wraper ? (all my code is write in pure qml).

    Thank you

    0
  • Lifetime Qt Champion

    Hi,

    IIRC, you would need to use QSslConfiguration. That part should be done in your main.cpp.

    0

  • Thank you for answer.

    I tryed this

    	QList<QSslCertificate> certs;
	QSslCertificate cert(readFile("/tmp/cer/cert.pem"));
	certs.append(cert);

	QSslConfiguration config;
	config.setCaCertificates(certs);
	config.setLocalCertificateChain(certs);

	QSslConfiguration::setDefaultConfiguration(config);

    without success.
    Keys are generetad by :

    openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes

    Server is python script, and it seems it working (testing with python client).

    0 1 Reply
  • Lifetime Qt Champion

    @poucz said in qml websocket (wss) self signed certificate:

    QSslCertificate cert(readFile("/tmp/cer/cert.pem"));

    Are you sure readFile returns the correct content ?

    0

  • Yes I'm sure, In debugger I can see all bytes and variable 'cert' and 'cert2' contains valid field : "notValidAfter" and "notValidBefore"

    I don't know if I generate cert correctly.

    But with python client it works.

    Server is Python script:

    ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
ssl_context.load_cert_chain("/tmp/cer/cert.pem", "/tmp/cer/key.pem")
start_server = websockets.serve(server_handler, port=6789, ssl=ssl_context)
asyncio.get_event_loop().run_until_complete(start_server)
asyncio.get_event_loop().run_forever()

    and with python's client I can connect:

         ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
     ssl_context.load_verify_locations("/tmp/cer/cert.pem")
     async with websockets.connect(uri, ssl=ssl_context) as websocket:
    0

  • @poucz said in qml websocket (wss) self signed certificate:

    I tryed this

    What if you try the ICS approach?

    This is, creating a QSslCertificate and then adding that certificate to all SSL connections with QSslSocket::addDefaultCaCertificate()

    Remember that WebSocket QML Type internally uses a QWebSocket after all, and it in turn uses a QTcpSocket.

    0
Log in to reply