If you want to prompt to user you can listen for sslErrors signal and prompt the user. That 3-liner is just way simpler solution.
http://qt-project.org/doc/qt-5.0/qtnetwork/qnetworkreply.html#sslErrors re, Jonni ________________________________ From: devel-boun...@lists.sailfishos.org [devel-boun...@lists.sailfishos.org] on behalf of Tigre-Bleu [de...@tigre-bleu.net] Sent: Saturday, November 09, 2013 8:43 PM To: Sailfish OS Developers Subject: Re: [SailfishDevel] Ignoring auto signed SSL certificates If there is a cleaner way to prompt the user in the future, I will change the code but in the meantime it will do the job. Thanks, Antoine ________________________________ De: "Jonni Rainisto" <jonni.raini...@jolla.com> À: "Sailfish OS Developers" <devel@lists.sailfishos.org> Envoyé: Samedi 9 Novembre 2013 19:31:40 Objet: Re: [SailfishDevel] Ignoring auto signed SSL certificates Hi, If you dont care about chain of trust in self signed ssl certs, you can just add following in your application. That way all ssl certs are always accepted. Add these includes to main.cpp #include <QSslConfiguration> #include <QSslSocket> Add these lines in beginning of your main() QSslConfiguration config = QSslConfiguration::defaultConfiguration(); config.setPeerVerifyMode(QSslSocket::VerifyNone); QSslConfiguration::setDefaultConfiguration(config); re, Jonni ________________________________ From: devel-boun...@lists.sailfishos.org [devel-boun...@lists.sailfishos.org] on behalf of Tigre-Bleu [de...@tigre-bleu.net] Sent: Saturday, November 09, 2013 7:56 PM To: Sailfish OS Developers Subject: Re: [SailfishDevel] Ignoring auto signed SSL certificates Hi Gianni I agree that accepting the auto-signed certificate without prompt would be a potential security breach. However, I think there should be a dialog automatically opened by the OS asking the user what to do (or at least delegate the dialog implementation to the app itself). I am developping a sailfish app that is connected to an owncloud instance. Most of the time, the average geek (including me :) ) is using auto-signed ssl certificate. I don't want to force the user to use http where https could be used. I don't know C++ so I'm not really ready to play with QNetwork. Maybe I'll find something on the internet... Regards, Antoine -- Tigre-Bleu mail/jabber: antoine.vac...@tigre-bleu.net ________________________________ De: "Gianni Vialetto" <gia...@rootcube.net> À: "Sailfish OS Developers" <devel@lists.sailfishos.org> Envoyé: Samedi 9 Novembre 2013 12:25:54 Objet: Re: [SailfishDevel] Ignoring auto signed SSL certificates On Fri, Nov 8, 2013 at 7:26 PM, Tigre-Bleu <de...@tigre-bleu.net<mailto:de...@tigre-bleu.net>>wrote: Hello, The open() function of XMLHttpRequest seems to not work with auto signed ssl certificates. I have checked with valid certificates and there is no problem. Is this the expected behavior? If so how am I supposed to fetch some data from an auto signed https page using QML? Thanks, Antoine Hi Antoine, I cannot confirm it without diving into the implementation, but i believe the behavior of XHR you are seeing is reasonable from a security point of view - the alternative could be to prompt the user for confirmation. As an alternative you could construct the connection with QNetwork classes from the C++ side (the QSslConfiguration class should have a method to add a new CA to the list of those accepted). Regards, -- Gianni Vialetto _______________________________________________ SailfishOS.org Devel mailing list _______________________________________________ SailfishOS.org Devel mailing list
_______________________________________________ SailfishOS.org Devel mailing list
