How to remove all Certificate Authorities certificates from a QNetworkRequest?
Unsolved
General and Desktop
-
Hello,
We are trying to have complete control regarding which CA certificates a QNetworkRequest will be allowed to use. The first 'simple' test we wanted to run was to remove all CA certificates and make sure it triggers and error on any https attempt.
Here is the minimal example showing how we set up the instances:
QNetworkAccessManager manager; QUrl requestedUrl("https://www.google.com"); QNetworkRequest request(requestedUrl); QSslConfiguration sslConfig = request.sslConfiguration(); // Set the QList of certificates to an empty list sslConfig.setCaCertificates({}); request.setSslConfiguration(sslConfig); QNetworkReply *reply = manager.get(request); connect(reply, SIGNAL(sslErrors(QList<QSslError>)), this, SLOT(slotSslErrors(QList<QSslError>)));
We would expect that to fail at runtime: the request uses https scheme, and it intentionally does not have any CA certificates to complete the authentication. But the request actually completes successfully, the reply contains the webpage content, and the slotSslErrors slot is not executed.
How would one actually disable all certificates for such a request ?
-
Hi! That looks like QTBUG-13418.