How to remove all Certificate Authorities certificates from a QNetworkRequest?



  • Hello,

    We are trying to have complete control regarding which CA certificates a QNetworkRequest will be allowed to use. The first 'simple' test we wanted to run was to remove all CA certificates and make sure it triggers an error on any https attempt.

    Here is the minimal example showing how we set up the instances:

    QNetworkAccessManager manager;
    QUrl requestedUrl("https://www.google.com");
    QNetworkRequest request(requestedUrl);
    
    QSslConfiguration sslConfig = request.sslConfiguration();
    // Set the QList of certificates to an empty list
    sslConfig.setCaCertificates({});
    request.setSslConfiguration(sslConfig);
    
    QNetworkReply *reply = manager.get(request);
    connect(reply, SIGNAL(sslErrors(QList<QSslError>)),
            this, SLOT(slotSslErrors(QList<QSslError>)));
    

    We would expect that to fail at runtime: the request uses the https scheme, and it intentionally does not have any CA certificates to complete the authentication. But the request actually completes successfully, the reply contains the webpage content, and the slotSslErrors slot is not executed.

    How would one actually disable all certificates for such a request?


  • Moderators

    Hi! That looks like QTBUG-13418.

