qt - 与 Qt 的 SSL 连接失败

标签 qt ssl

我使用以下代码连接到 HTTPS 页面:

QNetworkRequest request(QUrl("https://sso.post.ch/organizer/?login"));

QList<QSslCertificate> cas;
cas.append(QSslCertificate::fromPath("/foo/VerisignCA_G3.crt"));
cas.append(QSslCertificate::fromPath("/foo/VerisignCA_G5.crt"));

QSslConfiguration sslConf;
sslConf.setCaCertificates(cas);
request.setSslConfiguration(sslConf);

QNetworkReply *reply = nam.get(request);
connect(reply, SIGNAL(finished()), this, SLOT(httpFinished()));
connect(&nam, SIGNAL(sslErrors(QNetworkReply *, QList<QSslError>)),
        this, SLOT(sslErrors(QNetworkReply *, QList<QSslError>)));

但是,此请求失败并显示以下错误消息(我省略了打印它的代码):

SSL errors occured while connecting to https://sso.post.ch/organizer/?login:

The issuer certificate of a locally looked up certificate could not be found
  s:[O=VeriSign, Inc.,CN=VeriSign Class 3 International Server CA - G3,L=,OU=Terms of use at https://www.verisign.com/rpa (c)10,OU=VeriSign Trust Network,S=64:1b:e8:20:ce:02:08:13:f3:2d:4d:2d:95:d6:7e:67]
  i:[O=VeriSign, Inc.,CN=VeriSign Class 3 Public Primary Certification Authority - G5,L=,OU=(c) 2006 VeriSign, Inc. - For authorized use only,CN=VeriSign Trust Network] 
The root CA certificate is not trusted for this purpose
  s:[O=VeriSign, Inc.,CN=VeriSign Class 3 International Server CA - G3,L=,OU=Terms of use at https://www.verisign.com/rpa (c)10,OU=VeriSign Trust Network,S=64:1b:e8:20:ce:02:08:13:f3:2d:4d:2d:95:d6:7e:67]
  i:[O=VeriSign, Inc.,CN=VeriSign Class 3 Public Primary Certification Authority - G5,L=,OU=(c) 2006 VeriSign, Inc. - For authorized use only,CN=VeriSign Trust Network] 

Installed CAs: 
0: s:[O=VeriSign, Inc.,CN=VeriSign Class 3 International Server CA - G3,L=,OU=Terms of use at https://www.verisign.com/rpa (c)10,OU=VeriSign Trust Network,S=64:1b:e8:20:ce:02:08:13:f3:2d:4d:2d:95:d6:7e:67]
   i:[O=VeriSign, Inc.,CN=VeriSign Class 3 Public Primary Certification Authority - G5,L=,OU=(c) 2006 VeriSign, Inc. - For authorized use only,CN=VeriSign Trust Network]
1: s:[O=VeriSign, Inc.,CN=VeriSign Class 3 Public Primary Certification Authority - G5,L=,OU=(c) 2006 VeriSign, Inc. - For authorized use only,OU=VeriSign Trust Network,S=18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a]
   i:[O=VeriSign, Inc.,CN=VeriSign Class 3 Public Primary Certification Authority - G5,L=,OU=(c) 2006 VeriSign, Inc. - For authorized use only,CN=VeriSign Trust Network]

奇怪的是,这个链从命令行使用 openssl 进行验证:

openssl s_client -CAfile VerisignCA_G5.crt -connect sso.post.ch:443
  [...]
  Verify return code: 0 (ok)

有人知道我错过了什么吗?

可以找到 VerisignCA_G5.crt here和 Verisign CA_G3.crt (MIIGKT...5mo) 来自服务器提供的链(恕我直言,不需要添加到 CA 列表中)。

感谢您的帮助!

最佳答案

某些证书具有“X509v3 授权 key 标识符”扩展集。这需要该颁发者证书的确切版本,而不仅仅是具有相同主题的证书。

关于qt - 与 Qt 的 SSL 连接失败,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/23018007/

上一篇:ssl - 多个负载均衡器的单个 SSL 证书

下一篇:ios - node ios socket.io SSL 适用于 xcode 调试但不适用于 ipa 安装

相关文章:

c++ - Qt C++ 如何将加密文本的 QByteArray 保存到文件中,然后读取并格式化为 QByteArray

qt - 防止 QGraphicsItem 中的字体缩放

javascript - 从 Repeater QML/JS 创建一个动态数量的 AppCheckBoxes

python - 带有 ssl 证书的 flask mongoengine

c# - SMTP - SSL 证书问题 - C# - 为什么此代码有效?

ssl - 搜索栏未在 SSL 中正确显示

qt - 在执行之间保留/序列化 QPrinter (QPrintDialog)

python - 使用 PyQt 的组合框中的复选框

.NET SNI 支持

python - Windows Live 登录 API SSL 问题 - Python

©2024 IT工具网  联系我们