I wrote that code:
Server:


//H

#ifndef POLACZENIESSL_H
#define POLACZENIESSL_H
#include <QTcpServer>
#include <QTcpSocket>
#include <QSslSocket>
#include <QFile>
#include <QSslKey>
#include <QAbstractSocket>
class PolaczenieSSL : public QTcpServer
{
Q_OBJECT
public:
PolaczenieSSL(QWidget *parent = 0);
~PolaczenieSSL();
private:
void incomingConnection(int port);
private slots:
void gotowy();
};

#endif // POLACZENIESSL_H

//CPP

#include "polaczeniessl.h"

PolaczenieSSL::PolaczenieSSL(QWidget *parent)
{

}
PolaczenieSSL::~PolaczenieSSL()
{

}
void PolaczenieSSL::incomingConnection(int port)
{
qDebug()<<"incomingConnection";
QSslSocket *serverSocket = new QSslSocket;
serverSocket->setProtocol(QSsl::AnyProtocol);
serverSocket->ignoreSslErrors();
QFile *file = new QFile("server.key");
QSslKey key(file, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey, "server");
serverSocket->setPrivateKey(key);
serverSocket->setLocalCertificate("server.csr");
serverSocket->addCaCertificates("/etc/ssl/certs");
if (serverSocket->setSocketDescriptor(port))
{
connect(serverSocket, SIGNAL(encrypted()), this, SLOT(gotowy()));
serverSocket->startServerEncryption();
qDebug()<<serverSocket->errorString();

}
else
{
delete serverSocket;
}
}

void PolaczenieSSL::gotowy()
{
qDebug()<<"gotowy";
}
On console, when client started connection:

incomingConnection
"Unknown error"

What is it wrong?

Please provide a minimal compilable example reproducing the problem. By the way, I suggest you don't call client socket as "serverSocket" and socket as "port", it leads to confusion.

In attachments are code. Next time, I will better use name for variables :-)

The project is missing some files. And based on the code I see I don't think that's a minimal example meant to reproduce a problem but rather your complete project.

I do not understand what is for you "minimal example". File "Polaczenie" I have but a can not publish him on forum because is limit 5 attachments in one post. Can you help me with what I published?

I do not understand what is for you "minimal example".
A minimal amount of code unrelated to your project that suffers from the same problem as your project. It is usually assembled by stripping down everything unrelated to the problem from your project and then eliminating pieces of code until the code starts working. Then you'll have your minimal example.


File "Polaczenie" I have but a can not publish him on forum because is limit 5 attachments in one post.
Then compress everything into single archive (zip or tar.gz).


Can you help me with what I published?
How can I help if I can't reproduce the problem?

I think it will all to reproduce problem. It will run on QtCreator 2.0,on Linux

You are using ignoreSslErrors() incorrectly, that's for sure but the real problem is elsewhere.

You are calling:

qDebug()<<serverSocket->errorString();
And my question is, what would you expect to get as a result of this method for a connection without errors? I can tell you errorString() returns a textual description of QAbstractSocket::SocketError, so the real question is what value of QAbstractSocket::SocketError would you like to receive for a connection without errors?

I did not think it "ignore" = "do not inform". When I comment line: "serverSocket->ignoreSslErrors();" I get that same result: "Unknown error".

I did not think it "ignore" = "do not inform". When I comment line: "serverSocket->ignoreSslErrors();"
This is unrelated to your original "problem", I just say you are using the method incorrectly (it's a no-op in your case). This method should be used as a result of emitting an sslErrors() signal to clear the errors (i.e. untrusted certificate error) and allow the connection to continue.


I get that same result: "Unknown error".
Please answer my question. What result would you expect to get?

Please, Can we talk about problem? I want to encrypt connection but signal "encrypted" is not working and I do not know why. Is this emit necessary? If yes, how this write?

Please, Can we talk about problem?
We are talking about the problem. You think you have a problem and I'm telling you that your problem is not there.


I want to encrypt connection but signal "encrypted" is not working and I do not know why. Is this emit necessary? If yes, how this write?
Thanks for stating the problem, so far you just said you didn't undestand why you were getting the "unknown error" message.

First of all monitor state changes of sockets so that you know in what part of connection establishment your sockets currently are.

#include "polaczeniessl.h"

PolaczenieSSL::PolaczenieSSL(QWidget *parent)
{

}
PolaczenieSSL::~PolaczenieSSL()
{

}
void PolaczenieSSL::incomingConnection(int port)
{
qDebug()<<"incomingConnection";
QSslSocket *serverSocket = new QSslSocket;
connect(serverSocket, SIGNAL(encrypted()), this, SLOT(gotowy()));
connect(serverSocket,SIGNAL(stateChanged(QAbstract Socket::SocketState)),SLOT(stany(QAbstractSocket:: SocketState)));
connect(serverSocket,SIGNAL(error(QAbstractSocket: :SocketError)),this,SLOT(bledy(QAbstractSocket::So cketError)));
connect(serverSocket,SIGNAL(sslErrors(QList<QSslError>)),this,SLOT(bledySSL(QList<QSslError>)));
serverSocket->setProtocol(QSsl::AnyProtocol);
//serverSocket->ignoreSslErrors();
QFile *file = new QFile("server.key");
QSslKey key(file, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey, "server");
serverSocket->setPrivateKey(key);
serverSocket->setLocalCertificate("server.csr");
serverSocket->addCaCertificates("/etc/ssl/certs");
if (serverSocket->setSocketDescriptor(port))
{
serverSocket->startServerEncryption();
}
else
{
delete serverSocket;
}
}

void PolaczenieSSL::gotowy()
{
qDebug()<<"gotowy";
}
void PolaczenieSSL::stany(QAbstractSocket::SocketState state)
{
qDebug()<<"Stan: "<<state;
}
void PolaczenieSSL::bledy(QAbstractSocket::SocketError err)
{
qDebug()<<"Blad: "<<err;
}
void PolaczenieSSL::bledySSL(QList<QSslError> l)
{
for(int i=0;i<l.size();++i)
qDebug()<<"BladSSL: "<<l.at(i);
}


incomingConnection
Stan: QAbstractSocket::ConnectedState
Blad: QAbstractSocket::SocketError( 13 ) // The SSL/TLS handshake failed, so the connection was closed (only used in QSslSocket)
Stan: QAbstractSocket::UnconnectedState
I do not know why QList<QSslError> l is empty.

Blad: QAbstractSocket::SocketError( 13 ) // The SSL/TLS handshake failed, so the connection was closed (only used in QSslSocket)

As stated few posts earlier...


connect(serverSocket, SIGNAL(sslErrors(QList<SslError>()), serverSocket, SLOT(ignoreSslErrors()));

I was wrong, I want to encrypt connection but I want to ignore verify by CACertificate. How to do that?

Please just add the code from my previous post to your project.

#include "polaczeniessl.h"

PolaczenieSSL::PolaczenieSSL(QWidget *parent)
{

}
PolaczenieSSL::~PolaczenieSSL()
{

}
void PolaczenieSSL::incomingConnection(int port)
{
qDebug()<<"incomingConnection";
QSslSocket *serverSocket = new QSslSocket;
connect(serverSocket, SIGNAL(encrypted()), this, SLOT(gotowy()));
connect(serverSocket,SIGNAL(stateChanged(QAbstract Socket::SocketState)),SLOT(stany(QAbstractSocket:: SocketState)));
connect(serverSocket,SIGNAL(error(QAbstractSocket: :SocketError)),this,SLOT(bledy(QAbstractSocket::So cketError)));
connect(serverSocket,SIGNAL(sslErrors(QList<QSslError>)),this,SLOT(bledySSL(QList<QSslError>)));
connect(serverSocket,SIGNAL(sslErrors(QList<QSslError>)), serverSocket, SLOT(ignoreSslErrors()));
serverSocket->setProtocol(QSsl::AnyProtocol);
//serverSocket->ignoreSslErrors();
QFile *file = new QFile("server.key");
QSslKey key(file, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey, "server");
serverSocket->setPrivateKey(key);
serverSocket->setLocalCertificate("server.csr");
serverSocket->addCaCertificates("/etc/ssl/certs");
if (serverSocket->setSocketDescriptor(port))
{
serverSocket->startServerEncryption();
}
else
{
delete serverSocket;
}
}

void PolaczenieSSL::gotowy()
{
qDebug()<<"gotowy";
}
void PolaczenieSSL::stany(QAbstractSocket::SocketState state)
{
qDebug()<<"Stan: "<<state;
}
void PolaczenieSSL::bledy(QAbstractSocket::SocketError err)
{
qDebug()<<"Blad: "<<err;
}
void PolaczenieSSL::bledySSL(QList<QSslError> l)
{
for(int i=0;i<l.size();++i)
qDebug()<<"BladSSL: "<<l.at(i);
}
It is not working.

What if you remove lines #22-#26?

#include "polaczeniessl.h"

PolaczenieSSL::PolaczenieSSL(QWidget *parent)
{

}
PolaczenieSSL::~PolaczenieSSL()
{

}
void PolaczenieSSL::incomingConnection(int port)
{
qDebug()<<"incomingConnection";
QSslSocket *serverSocket = new QSslSocket;
connect(serverSocket, SIGNAL(encrypted()), this, SLOT(gotowy()));
connect(serverSocket,SIGNAL(stateChanged(QAbstract Socket::SocketState)),SLOT(stany(QAbstractSocket:: SocketState)));
connect(serverSocket,SIGNAL(error(QAbstractSocket: :SocketError)),this,SLOT(bledy(QAbstractSocket::So cketError)));
connect(serverSocket,SIGNAL(sslErrors(QList<QSslError>)),this,SLOT(bledySSL(QList<QSslError>)));
connect(serverSocket,SIGNAL(sslErrors(QList<QSslError>)), serverSocket, SLOT(ignoreSslErrors()));
serverSocket->setProtocol(QSsl::AnyProtocol);
/*
QFile *file = new QFile("server.key");
QSslKey key(file, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey, "server");
serverSocket->setPrivateKey(key);
serverSocket->setLocalCertificate("server.csr");
serverSocket->addCaCertificates("/etc/ssl/certs");
*/
if (serverSocket->setSocketDescriptor(port))
{
serverSocket->startServerEncryption();
}
else
{
delete serverSocket;
}
}

void PolaczenieSSL::gotowy()
{
qDebug()<<"gotowy";
}
void PolaczenieSSL::stany(QAbstractSocket::SocketState state)
{
qDebug()<<"Stan: "<<state;
}
void PolaczenieSSL::bledy(QAbstractSocket::SocketError err)
{
qDebug()<<"Blad: "<<err;
}
void PolaczenieSSL::bledySSL(QList<QSslError> l)
{
for(int i=0;i<l.size();++i)
qDebug()<<"BladSSL: "<<l.at(i);
}

It is not working.

incomingConnection
Stan: QAbstractSocket::ConnectedState
Blad: QAbstractSocket::SocketError( 13 )
Stan: QAbstractSocket::UnconnectedState

result in client is:

Stan: QAbstractSocket::HostLookupState
Stan: QAbstractSocket::ConnectingState
Stan: QAbstractSocket::ConnectedState
Mode: 1
Blad: QAbstractSocket::RemoteHostClosedError
Stan: QAbstractSocket::ClosingState
Stan: QAbstractSocket::UnconnectedState

You are using ignoreSslErrors() incorrectly, that's for sure

Wysota, you're probably right but why then the Qt documentation says:

"If an error occurs, QSslSocket emits the sslErrors() signal. In this case, if no action is taken to ignore the error(s), the connection is dropped. To continue, despite the occurrence of an error, you can call ignoreSslErrors(), either from within this slot after the error occurs, or any time after construction of the QSslSocket and before the connection is attempted."

ye you are a sb i am the nb gun du zi