Re: [Interest] macOS: troubles using my own CA
> On 12. Jul 2022, at 20:05, Thiago Macieira wrote: > > On Tuesday, 12 July 2022 01:21:07 PDT Alexander Dyagilev wrote: >> Again, if, after that, I build app using Qt 6.3.0 and launch it - this >> message never appears. >> >> So, this must be an issue with Qt 5.12. What I want to ask for: is there >> any known workaround to suppress this message under Qt 5.12.12? > > Qt 6.3 uses a completely different implementation of SSL on a Mac from 5.x. > It > uses the Apple API in SecureTransport, while Qt 5 uses OpenSSL. However, the > OpenSSL one is the same as Linux, so the same errors should appear on both. > > Is it the same OpenSSL 1.1 version? From what I know, SecureTransport is the default used on macOS since Qt 5.10.0 (running configure in 5.10.0 qtbase seems to confirm this). SecureTransport is deprecated by Apple, but the backend is still the default in 6.3. So unless Alexander explicitly enabled OpenSSL for one or the other, it wouldn’t expect big changes here. — Frank Gonçalves Osterfeld | frank.osterf...@kdab.com | Senior Software Engineer & Teamlead KDAB (Deutschland) GmbH, a KDAB Group Company Tel: +49-30-521325470 KDAB - The Qt, C++ and OpenGL Experts ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
Re: [Interest] macOS: troubles using my own CA
On Tuesday, 12 July 2022 01:21:07 PDT Alexander Dyagilev wrote: > Again, if, after that, I build app using Qt 6.3.0 and launch it - this > message never appears. > > So, this must be an issue with Qt 5.12. What I want to ask for: is there > any known workaround to suppress this message under Qt 5.12.12? Qt 6.3 uses a completely different implementation of SSL on a Mac from 5.x. It uses the Apple API in SecureTransport, while Qt 5 uses OpenSSL. However, the OpenSSL one is the same as Linux, so the same errors should appear on both. Is it the same OpenSSL 1.1 version? -- Thiago Macieira - thiago.macieira (AT) intel.com Cloud Software Architect - Intel DCAI Cloud Engineering ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
[Interest] macOS: troubles using my own CA
Hello, I'm on macOS Big Sur 11.5.1. First, I must say, that there are NO problems when I use Qt 6.3.0. But, I HAVE TO use Qt 5.12.12, so please if anyone know something that can help - please help :) I have my own server, written on Qt, on SSL sockets, with my own CA certificate. I install it using QSslConfiguration::setCaCertificates({myCaCert}). I don't use it widely, only for the socket which is to communicate with my server. All is working fine under Windows/Linux/Android. But, when it comes to macOS, I'm getting this socket error (when connecting to my server): "the root ca certificate is not trusted for this purpose". OK, I've made my own security check function as a workaround, which calls ignoreSslErrors(). And it started to work. BUT. My question is not about this. I've got a second problem after this: While I launch the same binary - all is OK. But if I modify it (so this would happen for our users after we update our app next time), I'm getting this strange message: Again, if, after that, I build app using Qt 6.3.0 and launch it - this message never appears. So, this must be an issue with Qt 5.12. What I want to ask for: is there any known workaround to suppress this message under Qt 5.12.12? ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest