Re: [SailfishDevel] How to use self-signed certificates transparently in a https POST/GET request with a QT Quick application?

Mon, 17 Aug 2015 13:08:37 -0700 

Hi,

Really bad for security, but you can for example in main() before creating any 
connections add these 3 lines of code, which will make application to skip all 
verifications, so any self signed and invalid certs are also accepted.

<clip>
QSslConfiguration config = QSslConfiguration::defaultConfiguration();
config.setPeerVerifyMode(QSslSocket::VerifyNone);
QSslConfiguration::setDefaultConfiguration(config);
</clip>

Br, jonni
________________________________________
From: devel-boun...@lists.sailfishos.org [devel-boun...@lists.sailfishos.org] 
on behalf of juice [ju...@swagman.org]
Sent: Monday, August 17, 2015 10:56 PM
To: devel@lists.sailfishos.org
Subject: [SailfishDevel] How to use self-signed certificates transparently in a 
https POST/GET request with a QT Quick application?

This might be a FAQ or otherwice so self-evident question it just shows
up my
stupidity but I really could not find any pointers on how to do this.

Scenario:

I am writing a client application that periodically polls for data from
a
web service, located on a server that may either have a real certificate
or
might just have a self-signed certificate.

The authenticity of the server is not so important that it definitely
requires
a true certificate, it is just enough that the communication between the
client
and the server is encrypted. The user anyway configures the used server
by DNS
name or IP address and usually the server is controlled by the user
anyway.

Now how can I do this, so that in the client I need not preload any
certificates,
so that for example when the user changes the server address, the next
request
just goes thru encrypted, without caring whether the server certificate
is valid?

Can anybody give me a pointer to some example code?
Can this be done in QML only or do I need to extend it in a c++ module?


--
    - Juice -

_______________________________________________
SailfishOS.org Devel mailing list
To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org
_______________________________________________
SailfishOS.org Devel mailing list
To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org

Reply via email to