Installing certificates or allowing certain hosts.



  • My application has a few places where I display web pages. I am using QWebEngineView. Some of the test servers we use have self-signed certificates. For internal requests I install relevent certificates on startup with code like this:

    // Read the SSL certificate
    QFile file(":/ssl/" + host + ".crt");
    file.open(QIODevice::ReadOnly);
    const QByteArray bytes = file.readAll();
    const QSslCertificate certificate(bytes);
    QSslSocket::addDefaultCaCertificate(certificate);
    

    This does not work in QWebEngineView. Is there are way to install a certificate there?

    Alternatively it looks like the QWebEnginePage::certificateError() is a virtual function that I could override. However I do not see how to get the QWebEnginePage objects created from a derived class.



  • Loading should work this way, if you use the correct file format
    QSslSocket::addDefaultCaCertificates(certdata.pem)
    Look here: https://curl.haxx.se/docs/caextract.html

    You also need SSL error handling - use this as a working base:

      connect(webGUI->page()->networkAccessManager(), SIGNAL(sslErrors(QNetworkReply*, const QList<QSslError> & )),
      this, SLOT(HandleGUIsslErrors(QNetworkReply*, const QList<QSslError> & )));
    
    void QTGUI_MainWindow::HandleGUIsslErrors(QNetworkReply* reply, const QList<QSslError> &errors)
    {
      foreach (QSslError e, errors)
      {
        qDebug() << "GUI SSL error:" << e;
        QByteArray qbTemp;
        qbTemp.append(e.errorString());
      }
      //reply->ignoreSslErrors(); // this is only a hack !!
      reply->abort();
    }
    

    HTH


Log in to reply
 

Looks like your connection to Qt Forum was lost, please wait while we try to reconnect.