[SOLVED]QWebView & websockets & self-signed certificates



  • Hi, All.
    I have nginx webserver with proxying websockets.
    I generate CA certificates, and generate clients certificates, signed by CA certificates.
    In my application I subclass QNetworkAccessManager as:

    QNetworkReply* QNetworkAccessManagerEx::createRequest(Operation op, const QNetworkRequest & req, QIODevice * outgoingData)
    {
        QNetworkRequest myReq = req;
        QSslConfiguration conf = req.sslConfiguration();
        conf.setPeerVerifyMode(QSslSocket::VerifyNone);
        QFile certFile("client01.crt");
        certFile.open(QIODevice::ReadOnly);
        conf.setLocalCertificate(QSslCertificate(certFile.readAll()));
        QFile keyFile("client01.key");
        keyFile.open(QIODevice::ReadOnly);
        QSslKey key(keyFile.readAll(), QSsl::Rsa);
        conf.setPrivateKey(key);
        certFile.close();
        myReq.setSslConfiguration(conf);
        QNetworkReply *repl = QNetworkAccessManager::createRequest( op, myReq, outgoingData );
        return repl;
    }
    

    And set my QNetworkAccessManagerEx to QWebView:

    ui->webView->page()->setNetworkAccessManager(&networkAccessManager);
    

    If, navigate to site websocket.org, and trying to connect to secure websocket, all working correctly, and QWebView appeals to my QNetworkAccessManagerEx::createRequest(...)
    If navigate to my local web server, QWebView appeals to my QNetworkAccessManagerEx::createRequest(...) only during loading web page, after that, when I want connect to websocket manually (button on web page) QWebView dont appeals to QNetworkAccessManagerEx::createRequest(...).
    I tried call ignoreSslErrors(), but no effect.
    It seems that the signal and an indication of client certificates do not reach the engine javascript in QWebView.
    How can specify javascript engine, to use client certificates?
    Qt 5.0.1
    Sorry my english.



  • Websocket in QWebKit not used QNetworkAccessManager.
    So you need to use static methods to set the CA certificate.
    At the beginning of the application must call static QSslSocket::addDefaultCaCertificate(...) and it will work correctly.
    Problem solved.


Log in to reply
 

Looks like your connection to Qt Forum was lost, please wait while we try to reconnect.