Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-138231

QSslCertificate: Support extracting data from a PKCS #12 file that only contains a CA certificate chain

    XMLWordPrintable

Details

    Description

      If a PKCS #12 (.p12) file only contains the CA certificate chain (i.e. no private key, no end-entity certificate), then QSslCertificate::importPkcs12 currently aborts early simply because it can't find the key (example: https://github.com/qt/qtbase/blob/v6.9.1/src/plugins/tls/openssl/qx509_openssl.cpp#L823-L827 )

      Consequently, the CA certificate chain doesn't get read, even though the certificates are there.

       

      Suggestion

      We should provide a way to read the CA certificate chain, regardless of the result of reading the private key

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            tpochep Timur Pocheptsov
            skoh-qt Sze Howe Koh
            Votes:
            1 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:

              Gerrit Reviews

                There are no open Gerrit changes