C++ QSslSocket代理服务器(https)和证书。握手错误
我正在编写一个代理服务器,http部分已经准备好了,但是https有问题。 我以这种方式创建了证书和私钥(据我所知,没有它将无法工作):C++ QSslSocket代理服务器(https)和证书。握手错误,c++,qt,https,openssl,C++,Qt,Https,Openssl,我正在编写一个代理服务器,http部分已经准备好了,但是https有问题。 我以这种方式创建了证书和私钥(据我所知,没有它将无法工作): OpenSSL> req-x509-newkey rsa: 2048-keyout server.key-nodes-days 365-out server.csr 我做了一个简单的QTcpServer,将socketDescriptor传递给newIncomingConnection()上创建的对象。 在对象的构造函数中,我执行了以下操作:
OpenSSL> req-x509-newkey rsa: 2048-keyout server.key-nodes-days 365-out server.csr
我做了一个简单的QTcpServer,将socketDescriptor传递给newIncomingConnection()上创建的对象。
在对象的构造函数中,我执行了以下操作:
sock = new QSslSocket();
connect (sock,SIGNAL(readyRead()),this,SLOT(onQuery()));
connect(sock,SIGNAL(disconnected()),this,SLOT(deleteLater()));
connect(sock,SIGNAL(error(QAbstractSocket::SocketError)),this,SLOT(onError(QAbstractSocket::SocketError)));
connect(sock,SIGNAL(sslErrors(QList<QSslError>)),this,SLOT(sltSslErrors(QList<QSslError>)));
...
Load key and cert
...
sock->setProtocol(QSsl::AnyProtocol);
QSslKey sslKey(key, QSsl::Rsa);
QSslCertificate sslCert(cert);
sock->setPrivateKey(sslKey);
sock->setLocalCertificate(sslCert);
sock->setSocketDescriptor(socketDesc);
sock->startServerEncryption();
if(!sock->waitForEncrypted(30000)) {
qDebug()<<"wait for encrypted failed";
}
sock=新的QSslSocket();
连接(sock,SIGNAL(readyRead()),this,SLOT(onQuery());
连接(sock,SIGNAL(disconnected()),此,插槽(deleteLater());
连接(sock,信号(error(QAbstractSocket::SocketError)),此,插槽(onError(QAbstractSocket::SocketError));
连接(sock,SIGNAL(sslErrors(QList)),此,插槽(sltSslErrors(QList));
...
加载密钥和证书
...
sock->setProtocol(QSsl::AnyProtocol);
QSslKey sslKey(密钥,QSsl::Rsa);
QSSLSSLCERT证书(证书);
sock->setPrivateKey(sslKey);
sock->setLocalCertificate(sslCert);
sock->setSocketDescriptor(socketDesc);
sock->startServerEncryption();
如果(!sock->waitForEncrypted(30000)){
qDebug()我认为在调用setPrivateKey
和setLocalCertificate
方法之前,需要调用setSocketDescriptor
下面是我用来创建HTTPS服务器套接字的代码,扩展了qtcserver
void SslServer::incomingConnection(qintptr socketDescriptor)
{
QSslSocket *serverSocket = new QSslSocket;
if (serverSocket->setSocketDescriptor(socketDescriptor)) {
QFile keyFile(<sslKeyFileName>);
if (!keyFile.open(QIODevice::ReadOnly)) {
delete serverSocket;
return;
}
QSslKey key(&keyFile, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey);
if (key.isNull()) {
delete serverSocket;
return;
}
keyFile.close();
serverSocket->setPrivateKey(key);
// to prevent asking for client certificate.
serverSocket->setPeerVerifyMode(QSslSocket::VerifyNone);
serverSocket->setLocalCertificate(<certificateFileName>);
serverSocket->startServerEncryption();
if (serverSocket->waitForEncrypted(3000)) {
// this will emit a newConnection() signal
addPendingConnection(serverSocket);
} else {
qDebug() << "Encryption Failed.";
delete serverSocket;
}
} else {
delete serverSocket;
}
}
void SslServer::incomingConnection(qintpttr socketDescriptor)
{
QSslSocket*serverSocket=新QSslSocket;
if(serverSocket->setSocketDescriptor(socketDescriptor)){
QFile键文件();
如果(!keyFile.open(QIODevice::ReadOnly)){
删除服务器套接字;
返回;
}
QSslKey密钥(&keyFile,QSsl::Rsa,QSsl::Pem,QSsl::PrivateKey);
if(key.isNull()){
删除服务器套接字;
返回;
}
keyFile.close();
serverSocket->setPrivateKey(密钥);
//防止请求客户端证书。
serverSocket->setPeerVerifyMode(QSslSocket::VerifyNone);
serverSocket->setLocalCertificate();
serverSocket->startServerEncryption();
如果(serverSocket->waitForEncrypted(3000)){
//这将发出newConnection()信号
addPendingConnection(服务器套接字);
}否则{
qDebug()