Important: Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

qml websocket (wss) self signed certificate



  • Hello,
    I would like to test my APP which using websocket in qml .
    For test I created self signed certificate and now I need to load this cert to qml.
    How to make it easily? Some C++ wraper ? (all my code is write in pure qml).

    Thank you


  • Lifetime Qt Champion

    Hi,

    IIRC, you would need to use QSslConfiguration. That part should be done in your main.cpp.



  • Thank you for answer.

    I tryed this

    	QList<QSslCertificate> certs;
    	QSslCertificate cert(readFile("/tmp/cer/cert.pem"));
    	certs.append(cert);
    
    	QSslConfiguration config;
    	config.setCaCertificates(certs);
    	config.setLocalCertificateChain(certs);
    
    	QSslConfiguration::setDefaultConfiguration(config);
    	
    

    without success.
    Keys are generetad by :

    openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
    

    Server is python script, and it seems it working (testing with python client).


  • Lifetime Qt Champion

    @poucz said in qml websocket (wss) self signed certificate:

    QSslCertificate cert(readFile("/tmp/cer/cert.pem"));

    Are you sure readFile returns the correct content ?



  • Yes I'm sure, In debugger I can see all bytes and variable 'cert' and 'cert2' contains valid field : "notValidAfter" and "notValidBefore"

    I don't know if I generate cert correctly.

    But with python client it works.

    Server is Python script:

    ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ssl_context.load_cert_chain("/tmp/cer/cert.pem", "/tmp/cer/key.pem")
    start_server = websockets.serve(server_handler, port=6789, ssl=ssl_context)
    asyncio.get_event_loop().run_until_complete(start_server)
    asyncio.get_event_loop().run_forever()
    

    and with python's client I can connect:

         ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
         ssl_context.load_verify_locations("/tmp/cer/cert.pem")
         async with websockets.connect(uri, ssl=ssl_context) as websocket:
    


  • @poucz said in qml websocket (wss) self signed certificate:

    I tryed this

    What if you try the ICS approach?

    This is, creating a QSslCertificate and then adding that certificate to all SSL connections with QSslSocket::addDefaultCaCertificate()

    Remember that WebSocket QML Type internally uses a QWebSocket after all, and it in turn uses a QTcpSocket.


Log in to reply