I'm trying send a rest request to a webservice where the certificate is selfsigned. At the moment I'm creating a request, setting the url and the auth. key as headers. Then I tell the reply to ignore this ssl error:
我正在尝试发送一个rest请求到一个证书自签名的webservice。目前,我正在创建一个请求,设置url和auth。关键是头。然后我告诉回答忽略这个ssl错误:
QSslError error(QSslError::SelfSignedCertificate);
QList<QSslError> expectedSslErrors;
expectedSslErrors.append(error);
QNetworkReply *reply = _accessManager.put(request, ""); // no requestbody
reply->ignoreSslErrors(expectedSslErrors);
When I run it I get the following ssl error:
当我运行它时,我得到以下ssl错误:
9 - The certificate is self-signed, and untrusted
证书是自签名的,不受信任。
followed by network error nr 6:
其次是网络错误nr 6:
Request failed with message: SSL handshake failed
请求失败:SSL握手失败。
At the moment I'm ignoring ALL errors since it seems to be the only thing that works. Feel dirty.
现在,我忽略了所有的错误,因为它似乎是唯一有效的方法。觉得脏。
Would be really grateful if anyone know what I'm doing wrong!
如果有人知道我做错了什么,我会非常感激的!
EDIT:
编辑:
Changed to:
更改为:
QList<QSslError> expectedSslErrors;
expectedSslErrors.append(QSslError::SelfSignedCertificate);
expectedSslErrors.append(QSslError::CertificateUntrusted);
reply->ignoreSslErrors(expectedSslErrors);
But still getting the same error...
但还是有同样的错误……
1 个解决方案
#1
4
The certificate is self-signed, and untrusted
证书是自签名的,不受信任。
The problem is the "untrusted" part. You have to provide the self signed certificate, as second parameter of QSslError.
问题是“不受信任”的部分。您必须提供自签名证书,作为QSslError的第二个参数。
Edit: Based on the source code, the comparison between the actually received SSL errors and the errors passed to ignoreSslErrors is done by comparing both the error code, and the certificate.
So if the error returned by OpenSSL would contain a certificate, like with QSslError::SelfSignedCertificate, you must always pass a certificate to QSslError constructor, or the comparison would fail.
编辑:在源代码的基础上,通过比较错误代码和证书,将实际接收到的SSL错误和传递给ignoreSslErrors的错误进行比较。因此,如果OpenSSL返回的错误将包含一个证书,比如QSslError::SelfSignedCertificate,您必须始终将证书传递给QSslError构造函数,否则比较将失败。
But you can also ignore the error manually by connecting the signal sslError() to a slot where you check that the error list contains only a self signed certificate error, and then call ignoreSslErrors() (without any parameter).
但是,您也可以通过将信号sslError()连接到一个槽中,检查错误列表只包含自签名的证书错误,然后调用ignoreSslErrors()(没有任何参数)。
#1
4
The certificate is self-signed, and untrusted
证书是自签名的,不受信任。
The problem is the "untrusted" part. You have to provide the self signed certificate, as second parameter of QSslError.
问题是“不受信任”的部分。您必须提供自签名证书,作为QSslError的第二个参数。
Edit: Based on the source code, the comparison between the actually received SSL errors and the errors passed to ignoreSslErrors is done by comparing both the error code, and the certificate.
So if the error returned by OpenSSL would contain a certificate, like with QSslError::SelfSignedCertificate, you must always pass a certificate to QSslError constructor, or the comparison would fail.
编辑:在源代码的基础上,通过比较错误代码和证书,将实际接收到的SSL错误和传递给ignoreSslErrors的错误进行比较。因此,如果OpenSSL返回的错误将包含一个证书,比如QSslError::SelfSignedCertificate,您必须始终将证书传递给QSslError构造函数,否则比较将失败。
But you can also ignore the error manually by connecting the signal sslError() to a slot where you check that the error list contains only a self signed certificate error, and then call ignoreSslErrors() (without any parameter).
但是,您也可以通过将信号sslError()连接到一个槽中,检查错误列表只包含自签名的证书错误,然后调用ignoreSslErrors()(没有任何参数)。