Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-40401

Peer certificates are empty in encrypted signal

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • P2: Important
    • None
    • 5.3.1
    • Network: SSL
    • None
    • c6e21eb673a7c3e4abcf90bd3bad1ec0890d6b5f

    Description

      We need to handle additional checks for peer certificates during handshake. We found no way to do it. So we wanted to check it right after the handshake completed.

      We tried to connect to encrypted signal of QNetworkReply and of QNetworkAccessManager but every time we try to get the peerCertificate it is NULL.

      ...
        connect(m_reply, &QNetworkReply::encrypted, this, &Dummy::encrypted);
      ...
      
      void Dummy::encrypted()
      {
      const QSslCertificate peerCert = reply->sslConfiguration().peerCertificate();
      	if(peerCert.isNull())
      	{
      		qDebug() << "peer cert is null";
      	}
      }
      

      We can get the peerCertificate in readyRead signal but that is too late to abort the connection.

      Attachments

        For Gerrit Dashboard: QTBUG-40401
        # Subject Branch Project Status CR V

        Activity

          People

            richmoore Richard Moore (qtnetwork)
            misery André Klitzing
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes