QNetworkRequest with client authentication
-
Hi
My Apache HTTP server needs client authentication by certificate. The environment generally works (I tested it with firefox), but want to make HTTP GET's on my Windows through a QT application.
I used the QT example 'http' (examples\network\http) and enhanced function startRequest() by loading the certificate and private key (I successfully verified the example without client certificate authentication).
The function startRequest() terminates successfully and does not show any "strange" behavior.Looking at the IP traffic between my client and Apache server (SSL handshake), the client replies with the Encryption Alert 41, "No certificate".
It looks that somehow the loaded certificate QSslCertificate/QSslConfiguration is not accepted by QNetworkRequest or sent to the server!
Does somebody have any idea concerning this problem?
@
void HttpWindow::startRequest(QUrl url)
{
QFile sslCertificateFile("ssl/client.cert");
QFile sslKeyFile("ssl/client.key.unsecure");
QSslConfiguration sslConfiguration;
QSslCertificate sslCertificate;
QNetworkRequest request;if ( (sslCertificateFile.open(QIODevice::ReadOnly)) &&
(sslKeyFile.open(QIODevice::ReadOnly)) ) {// Read certificates from file
QList<QSslCertificate> sslCertificateList = QSslCertificate::fromData(sslCertificateFile.readAll(), QSsl::Pem);
qDebug("Found certificates: %d", sslCertificateList.size());
sslCertificate = sslCertificateList.takeAt(0);
qDebug() << sslCertificate.issuerInfo(QSslCertificate::Organization);
qDebug() << sslCertificate.issuerInfo(QSslCertificate::CountryName);
qDebug() << sslCertificate.issuerInfo(QSslCertificate::CommonName);
qDebug() << "expires: %s" << sslCertificate.expiryDate().toString(Qt::ISODate);// Read key from file
QSslKey privateKey(&sslKeyFile, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey , "");
qDebug() << "Algorithm: " << privateKey.algorithm();
qDebug() << "Length: " << privateKey.length();// SSL configuration
sslConfiguration.defaultConfiguration();
sslConfiguration.setLocalCertificate(sslCertificate);
sslConfiguration.setPrivateKey(privateKey);
sslConfiguration.setProtocol(QSsl::SslV3);// Do the https request
request.setSslConfiguration(sslConfiguration);
qDebug("is certificate valid: %d", request.sslConfiguration().localCertificate().isValid());
request.setUrl(url);
reply = qnam.get(QNetworkRequest(url));
connect(reply, SIGNAL(finished()),
this, SLOT(httpFinished()));
connect(reply, SIGNAL(readyRead()),
this, SLOT(httpReadyRead()));
connect(reply, SIGNAL(downloadProgress(qint64,qint64)),
this, SLOT(updateDataReadProgress(qint64,qint64)));
}
else {
QMessageBox::information(this, tr("HTTP"),
tr("Can not open file."));
}
sslCertificateFile.close();
sslKeyFile.close();
}
@[edit: code highlighted / Denis Kormalev]