1. 技术文章
  2. QNetworkRequest and default SSL configuration

QNetworkRequest and default SSL configuration

假装没事ソ 提交于 2020-01-10 14:30:10

问题


I'm using the following piece of code to make HTTPS requests with a server.

QNetworkRequest request;

//request.setSslConfiguration(QSslConfiguration::defaultConfiguration());
request.setUrl(QUrl("https://www.someurl.com/"));

QNetworkReply *reply = manager->get(request);

Everything seems to be working with my test server, but I would like to know if it is recommended to set the defaultConfiguration (uncomment second line) or does the network API automatically check all defaultConfigurations when using SSL? And if it checks, does it also do if I add one custom configuration? I mean, is it required to append the custom configuration to the list of default configuration? For example:

QSslConfiguration SslConfiguration(QSslConfiguration::defaultConfiguration());

QList<QSslCertificate> certificates = SslConfiguration.caCertificates();
certificates.append(QSslCertificate::fromData(certificate.toAscii(), QSsl::Pem));
SslConfiguration.setCaCertificates(certificates);

request.setSslConfiguration(SslConfiguration);

Edit: I would like to add that I'm working on Symbian platform.


回答1:


From documentation of
void QNetworkRequest::setSslConfiguration ( const QSslConfiguration & config ):

By default, no SSL configuration is set, which allows the backends to choose freely what configuration is best for them.

You can verify this statement using the following code:

#include <QtGui/QApplication>
#include <QtCore/QDebug>
#include <QtNetwork/QNetworkAccessManager>
#include <QtNetwork/QNetworkRequest>
#include <QtNetwork/QNetworkReply>
#include <QtNetwork/QSslConfiguration>

int main(int argc, char *argv[])
{
    QApplication app(argc, argv);

    QNetworkAccessManager qnam;
    QNetworkRequest request;
    QNetworkReply* reply = qnam.get(request);

    qDebug() << "Default SSL configuration isNull: "
             << QSslConfiguration::defaultConfiguration().isNull();

    qDebug() << "SSL configuration used by QNAM isNull: "
             << reply->sslConfiguration().isNull();

    return app.exec();
}

However, you seem to confuse root CA certificates store with SSL configuration. The former is only one part of the latter (see QList<QSslCertificate> QSslConfiguration::caCertificates () const). If you want to make sure your root CA certificates will be used by QNAM you can take advantage of the fact that QNAM uses QSslSocket to make SSL connections and use any of the following static methods

void addDefaultCaCertificate ( const QSslCertificate & certificate )
bool addDefaultCaCertificates ( const QString & path, QSsl::EncodingFormat encoding = QSsl::Pem, QRegExp::PatternSyntax syntax = QRegExp::FixedString )
void addDefaultCaCertificates ( const QList<QSslCertificate> & certificates )
void setDefaultCaCertificates ( const QList<QSslCertificate> & certificates )

to set root CA certificates to be used by all SSL connections made using QSslSocket. Remember, this is global setting and affects all SSL connections made using QSslSocket not only these made using QNAM. There's no API to set this only for specific QNAM or for all QNAMs.



来源:https://stackoverflow.com/questions/3683826/qnetworkrequest-and-default-ssl-configuration

标签
qt
ssl
qnetworkaccessmanager
qnetworkrequest
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!