Re: [Interest] macOS: troubles using my own CA
> On 12. Jul 2022, at 20:05, Thiago Macieira wrote: > > On Tuesday, 12 July 2022 01:21:07 PDT Alexander Dyagilev wrote: >> Again, if, after that, I build app using Qt 6.3.0 and launch it - this >> message never appears. >> >> So, this must be an issue with Qt 5.12. What I want to ask for: is there >> any known workaround to suppress this message under Qt 5.12.12? > > Qt 6.3 uses a completely different implementation of SSL on a Mac from 5.x. > It > uses the Apple API in SecureTransport, while Qt 5 uses OpenSSL. However, the > OpenSSL one is the same as Linux, so the same errors should appear on both. > > Is it the same OpenSSL 1.1 version? From what I know, SecureTransport is the default used on macOS since Qt 5.10.0 (running configure in 5.10.0 qtbase seems to confirm this). SecureTransport is deprecated by Apple, but the backend is still the default in 6.3. So unless Alexander explicitly enabled OpenSSL for one or the other, it wouldn’t expect big changes here. — Frank Gonçalves Osterfeld | frank.osterf...@kdab.com | Senior Software Engineer & Teamlead KDAB (Deutschland) GmbH, a KDAB Group Company Tel: +49-30-521325470 KDAB - The Qt, C++ and OpenGL Experts ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
Re: [Interest] macOS: troubles using my own CA
On Tuesday, 12 July 2022 01:21:07 PDT Alexander Dyagilev wrote: > Again, if, after that, I build app using Qt 6.3.0 and launch it - this > message never appears. > > So, this must be an issue with Qt 5.12. What I want to ask for: is there > any known workaround to suppress this message under Qt 5.12.12? Qt 6.3 uses a completely different implementation of SSL on a Mac from 5.x. It uses the Apple API in SecureTransport, while Qt 5 uses OpenSSL. However, the OpenSSL one is the same as Linux, so the same errors should appear on both. Is it the same OpenSSL 1.1 version? -- Thiago Macieira - thiago.macieira (AT) intel.com Cloud Software Architect - Intel DCAI Cloud Engineering ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
[Interest] macOS: troubles using my own CA
Hello,
I'm on macOS Big Sur 11.5.1.
First, I must say, that there are NO problems when I use Qt 6.3.0.
But, I HAVE TO use Qt 5.12.12, so please if anyone know something that
can help - please help :)
I have my own server, written on Qt, on SSL sockets, with my own CA
certificate. I install it using
QSslConfiguration::setCaCertificates({myCaCert}). I don't use it widely,
only for the socket which is to communicate with my server.
All is working fine under Windows/Linux/Android. But, when it comes to
macOS, I'm getting this socket error (when connecting to my server):
"the root ca certificate is not trusted for this purpose".
OK, I've made my own security check function as a workaround, which
calls ignoreSslErrors(). And it started to work. BUT. My question is not
about this. I've got a second problem after this:
While I launch the same binary - all is OK. But if I modify it (so this
would happen for our users after we update our app next time), I'm
getting this strange message:
Again, if, after that, I build app using Qt 6.3.0 and launch it - this
message never appears.
So, this must be an issue with Qt 5.12. What I want to ask for: is there
any known workaround to suppress this message under Qt 5.12.12?
___
Interest mailing list
Interest@qt-project.org
https://lists.qt-project.org/listinfo/interest
