QSslSocket toggle certificates



raszewski
29th November 2012, 10:30
Hi

I've got one question. I have to write some code with SSL communication, but there is one big problem. I've got a few different certificates and private keys. I can get the correct certificate after I receive some important info from the client. After that I choose the correct certificate and private key and start socket encryption.

On the server side I have:



QSslSocket* pSocket = new QSslSocket(this);
pSocket->setSocketDescriptor(m_nextSocketDesc);
pSocket->startServerEncryption();


On the client side:

m_pSslSocket->connectToHost(address, port);

I was thinking that after I receive some info I just add the correct certificate and start client encryption.
But after the client connects to the server, the server immediately disconnects the client and emits errors.
Any suggestions?

wysota
29th November 2012, 10:48
Shouldn't you be calling connectToHostEncrypted() on the client if the server starts encryption immediately after receiving the connection?

raszewski
29th November 2012, 11:28
Yes, it works with connectToHostEncrypted() on the client, but only when the server is configured with some certificate and key.
But it is still not a solution for my problem. I need to divide communication into unsecured mode and secured mode. In the first step I receive some info and after that I need to toggle to secure mode. But all communication should be on the same connection.

In the first step I want to connect without encryption:

m_pSslSocket->connectToHost(address, port);
and after a while toggle the client to encryption:

m_pSslSocket->startClientEncryption();

wysota
29th November 2012, 14:43
> I need to divide communication to unsecured mode and secured mode.

So don't call startServerEncryption() immediately.

raszewski
29th November 2012, 15:34
It should work. But what should I use instead of startServerEncryption()? QTcpServer->addPendingConnection(pSslSocket)?

wysota
29th November 2012, 19:51
You don't have to do anything. The moment you set the socket descriptor on Qt's socket, you're ready to read/write data to it. Once you know all the details required to establish encryption, call startServerEncryption().
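
Added example, not part of the thread and not the posters' code: a self-contained C++ model of the server's plaintext phase described in the last reply, which buffers the client's info, selects the matching certificate and key, and only then signals that startServerEncryption() may be called. It also rejects oversized input, unknown identifiers and any bytes pipelined behind the request before the handshake. The `HELLO <id>` line format, the `PreTlsGate` class, the 128-byte limit and the sample file names are assumptions made for illustration.

```cpp
// Added example, not from the thread. "HELLO <id>\n", PreTlsGate, kMaxHello
// and the file names are assumptions; only the QSslSocket calls are real Qt API.
#include <cstddef>
#include <map>
#include <string>
#include <utility>

enum class Gate { NeedMore, Upgrade, Reject };
struct Credential { std::string certPath, keyPath; };
using CredentialMap = std::map<std::string, Credential>;

class PreTlsGate {
public:
    explicit PreTlsGate(CredentialMap known) : known_(std::move(known)) {}

    // Feed bytes read from the socket while it is still unencrypted.
    Gate feed(const std::string& bytes) {
        buf_ += bytes;
        if (buf_.size() > kMaxHello) return Gate::Reject;    // bound unauthenticated input
        const std::size_t nl = buf_.find('\n');
        if (nl == std::string::npos) return Gate::NeedMore;  // partial line, keep reading
        // Bytes after the newline were sent before the handshake. Refuse them so
        // plaintext is never processed as if it had arrived over TLS.
        if (nl + 1 != buf_.size()) return Gate::Reject;
        const std::string line = buf_.substr(0, nl);
        if (line.compare(0, 6, "HELLO ") != 0) return Gate::Reject;
        const auto it = known_.find(line.substr(6));
        if (it == known_.end()) return Gate::Reject;         // unknown id: no fallback cert
        chosen_ = it->second;
        // In the Qt server this is where setLocalCertificate(), setPrivateKey()
        // and then startServerEncryption() are called on the QSslSocket.
        return Gate::Upgrade;
    }
    const Credential& chosen() const { return chosen_; }

private:
    static constexpr std::size_t kMaxHello = 128;
    CredentialMap known_;
    std::string buf_;
    Credential chosen_;
};

int main() {
    CredentialMap known{{"tenant-a", {"a.crt", "a.key"}}};   // constructed sample
    PreTlsGate gate(known);
    gate.feed("HELLO ten");                                  // NeedMore
    return gate.feed("ant-a\n") == Gate::Upgrade ? 0 : 1;
}
```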