[SOLVED]QWebView & websockets & self-signed certificates
-
wrote on 2 Apr 2013, 13:12 last edited by p3c0
Hi, All.
I have nginx webserver with proxying websockets.
I generate CA certificates, and generate clients certificates, signed by CA certificates.
In my application I subclass QNetworkAccessManager as:QNetworkReply* QNetworkAccessManagerEx::createRequest(Operation op, const QNetworkRequest & req, QIODevice * outgoingData) { QNetworkRequest myReq = req; QSslConfiguration conf = req.sslConfiguration(); conf.setPeerVerifyMode(QSslSocket::VerifyNone); QFile certFile("client01.crt"); certFile.open(QIODevice::ReadOnly); conf.setLocalCertificate(QSslCertificate(certFile.readAll())); QFile keyFile("client01.key"); keyFile.open(QIODevice::ReadOnly); QSslKey key(keyFile.readAll(), QSsl::Rsa); conf.setPrivateKey(key); certFile.close(); myReq.setSslConfiguration(conf); QNetworkReply *repl = QNetworkAccessManager::createRequest( op, myReq, outgoingData ); return repl; }
And set my QNetworkAccessManagerEx to QWebView:
ui->webView->page()->setNetworkAccessManager(&networkAccessManager);
If, navigate to site websocket.org, and trying to connect to secure websocket, all working correctly, and QWebView appeals to my
QNetworkAccessManagerEx::createRequest(...)
If navigate to my local web server, QWebView appeals to myQNetworkAccessManagerEx::createRequest(...)
only during loading web page, after that, when I want connect to websocket manually (button on web page)QWebView
dont appeals toQNetworkAccessManagerEx::createRequest(...)
.
I tried callignoreSslErrors()
, but no effect.
It seems that the signal and an indication of client certificates do not reach the engine javascript in QWebView.
How can specify javascript engine, to use client certificates?
Qt 5.0.1
Sorry my english. -
wrote on 11 Apr 2013, 07:43 last edited by
Websocket in QWebKit not used QNetworkAccessManager.
So you need to use static methods to set the CA certificate.
At the beginning of the application must call static QSslSocket::addDefaultCaCertificate(...) and it will work correctly.
Problem solved.