Hello,
I'm trying to access to a SOAP web service protected by certificate (the server one is auto-signed, the client one should be presented).
I'm using Qt4.5 from qt-copy (in kde) under GNU/Linux but I had the same problem with Qt4.4.x
I'm using the following code:
qDebug() << "setting up SSL configuration: " << m_sslKeyFile;
QSslConfiguration sslConfiguration = request.sslConfiguration();
QFile sslCertificateFile
(m_sslKeyFile
);
if (sslCertificateFile.
open(QIODevice::ReadOnly)) {
QSslCertificate certif(&sslCertificateFile);
sslCertificateFile.close();
if (certif.isNull())
{
qDebug() << "Failed to load certificate";
}
qDebug() << "certif version=" << certif.version() << ", serial=" << certif.serialNumber()
<< ", issuer=" << certif.issuerInfo(QSslCertificate::Organization)
<< " and subject=" << certif.subjectInfo(QSslCertificate::CommonName);
sslConfiguration.setLocalCertificate(certif);
sslCertificateFile.close();
sslCertificateFile.
open(QIODevice::ReadOnly);
QSslKey key(&sslCertificateFile, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey);
qDebug() << "key isNull ? " << key.isNull();
sslConfiguration.setPrivateKey(key);
sslConfiguration.setProtocol(QSsl::SslV2);
sslConfiguration.setPeerVerifyMode(QSslSocket::QueryPeer);
request.setSslConfiguration(sslConfiguration);
}
...
qDebug() << "send post";
m_networkReply = m_networkAccessManager->post(request, m_tempFile); // m_networkAccessManager est QNetworkAccessManager
...
void QSoapServiceClient::slotNetworkReplyError(QNetworkReply::NetworkError)
{
qDebug() << "QSoapServiceClient::slotNetworkReplyError: " << m_networkReply->errorString();
m_answer = "";
}
qDebug() << "setting up SSL configuration: " << m_sslKeyFile;
QSslConfiguration sslConfiguration = request.sslConfiguration();
QFile sslCertificateFile(m_sslKeyFile);
if (sslCertificateFile.open(QIODevice::ReadOnly))
{
QSslCertificate certif(&sslCertificateFile);
sslCertificateFile.close();
if (certif.isNull())
{
qDebug() << "Failed to load certificate";
}
qDebug() << "certif version=" << certif.version() << ", serial=" << certif.serialNumber()
<< ", issuer=" << certif.issuerInfo(QSslCertificate::Organization)
<< " and subject=" << certif.subjectInfo(QSslCertificate::CommonName);
sslConfiguration.setLocalCertificate(certif);
sslCertificateFile.close();
sslCertificateFile.open(QIODevice::ReadOnly);
QSslKey key(&sslCertificateFile, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey);
qDebug() << "key isNull ? " << key.isNull();
sslConfiguration.setPrivateKey(key);
sslConfiguration.setProtocol(QSsl::SslV2);
sslConfiguration.setPeerVerifyMode(QSslSocket::QueryPeer);
request.setSslConfiguration(sslConfiguration);
}
...
qDebug() << "send post";
m_networkReply = m_networkAccessManager->post(request, m_tempFile); // m_networkAccessManager est QNetworkAccessManager
...
void QSoapServiceClient::slotNetworkReplyError(QNetworkReply::NetworkError)
{
qDebug() << "QSoapServiceClient::slotNetworkReplyError: " << m_networkReply->errorString();
m_answer = "";
}
To copy to clipboard, switch view to plain text mode
And I obtain at runtime:
setting up SSL configuration: "/path/to/pem/file"
certif version= "" , serial= "" , issuer= "xxx" and subject= "yyy"
key isNull ? false
send post
connecting reply signals
sent
QSoapServiceClient::slotNetworkReplyError: "SSL handshake failed"
setting up SSL configuration: "/path/to/pem/file"
certif version= "" , serial= "" , issuer= "xxx" and subject= "yyy"
key isNull ? false
send post
connecting reply signals
sent
QSoapServiceClient::slotNetworkReplyError: "SSL handshake failed"
To copy to clipboard, switch view to plain text mode
Note that by using a QProcess launching curl with options -k and -E, it works... Thus the certificate is OK. It's really my code which is bad but I cannot see where...
Any idea ?
Bookmarks