QTcpServer using QSslSocket, need help with certificates



  • Hello,

    I am trying to create basic SSL server (on Ubuntu 11.04 32bit), using QTcpServer with QSslSockets. I have managed to get it working with my dummy certifacate. But now i got real proper certificate and i am not sure what to add and where. I have recieved 5 files in total: AddTrustExternalCARoot.crt ,myappname.csr, myappname.key, COMODOHigh-AssuranceSecureServerCA.crt and STAR_myappname_com.crt.

    This method is called from QTcpServer::incomingConnection(int socketDescriptor) ... I basicly create QSslSocket, set the descriptor, add my certificates and start handshake...

    So my question then is: Could anyone show me how to properly set the QSslSocket?
    @
    void SSLServerConnection::setSocket(int descriptor){

    sslsocket = new QSslSocket(this);
    sslsocket->setSocketDescriptor(descriptor);
    
    //I am guessing those two are correctly
    sslsocket->setPrivateKey("/home/myname/certs/myappname.key");
    sslsocket->setLocalCertificate("/home/myname/certs/myappname.csr");
    //And now i need to set CA authorities somehow
    //... 
    
    //to my knowledge this tells the socket to ask for valid certificate during ssl handshake
    sslSocket->setPeerVerifyMode(QSslSocket::VerifyPeer);
    
    connect(sslsocket, SIGNAL(encrypted()), SLOT(connectionEncrypted()));
    connect(sslsocket, SIGNAL(disconnected()), SLOT(connectionClosed()));
    connect(sslsocket, SIGNAL(readyRead()), SLOT(readyRead()));
    connect(sslsocket, SIGNAL(error(QAbstractSocket::SocketError)), SLOT(error(QAbstractSocket::SocketError)));
    
    sslsocket->startServerEncryption();
    
    qDebug() << "New ssl connection:";
    

    }@



  • Turns out i was using wrong file for localcertificate. With a proper .crt certificate it works with no problem.


  • Lifetime Qt Champion

    Hi and welcome to devnet !

    Great you found out and thanks for sharing the solution

    Can you also please update the thread title prepending [solved] ? So other forum users may know a solution has been found :)


Log in to reply
 

Looks like your connection to Qt Forum was lost, please wait while we try to reconnect.