Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: P2: Important
Fix Version/s: 5.3.0
Affects Version/s: 4.6.0
Component/s: Network, Network: SSL
Labels:
None
Environment:
Win32, MSVC2008, Qt 4.6.0, OpenSSL 1.0.0-b4

Commits:
5773a5cd50fac6d7348805f785df0cf29f4388b9

Description

I have a piece of code which goes something like this:

	qssReg = new QSslSocket(this);
	qssReg->setLocalCertificate(qscCert);
	qssReg->setPrivateKey(qskKey);

	http = new QHttp(QLatin1String("hostname"), QHttp::ConnectionModeHttps, 443, this);
	http->setSocket(qssReg);

	connect(http, SIGNAL(done(bool)), this, SLOT(done(bool)));
	connect(http, SIGNAL(sslErrors(const QList<QSslError> &)), this, SLOT(regSslError(const QList<QSslError> &)));

The purpose being to do a https connection with a local certificate for authentication. With OpenSSL 1.0.0-b4, this will always cause regSslError() to trigger with "The certificate is self-signed, and untrusted". Looking at qssReg->peerCertificateChain(), I see the "base" certificate for the server is listed twice, then the CA chain to the root cert. I haven't really done any more debugging than that.

With OpenSSL 0.9.8l, everything works as expected.

Attachments

Issue Links

relates to

QTBUG-33228 Incomplete client certificate chain results in TLS handshake failure

Closed

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Unassigned

Reporter:: Thorvald Natvig

Votes:: 4 Vote for this issue

Watchers:: 11 Start watching this issue

Dates

Created:: 07 Jan '10 13:40

Updated:: 02 Feb '15 14:24

Resolved:: 17 Jan '14 12:54

Gerrit Reviews

There are no open Gerrit changes

Show There is 1 closed Gerrit change

Hide There is 1 closed Gerrit change

Prevent spurious SSL errors from local certificates.: Gerrit Review: