QSslSocket toggle certificates
Hi
I've got one question. I have to write some code with SSL communication, but there is one big problem. I've got few different certificates and privates keys. I can get correct certificate after I receive from client some important info. After that I chose correct certificate, private key and start socket encryption.
on server side I have
Code:
QSslSocket* pSocket = new QSslSocket(this);
pSocket->setSocketDescriptor(m_nextSocketDesc);
pSocket->startServerEncryption();
on client side
Code:
m_pSslSocket->connectToHost(address, port);
I was thinking, that after i receive some info i just add correct certificate and start client encryption.
But after client connects to server, server immediately disconnects client and emits errors;
Any suggestions?
Re: QSslSocket toggle certificates
Shouldn't you be calling connectToHostEncrypted() on the client if the server starts encryption immediately after receiving the connection?
Re: QSslSocket toggle certificates
Yes, it works with connectToHostEncrypted() on the client, but only when server is configured with some certificate and key.
But still it is not solution for my problem. I need to divide communication to unsecured mode and secured mode. In first step i received some info and after that I need to toggle to secure mode. But all communication should be on the same connection.
On the first step I want to connect without encryption
Code:
m_pSslSocket->connectToHost(address, port);
and after a while toggle client to encryption
Code:
m_pSslSocket->startClientEncryption();
Re: QSslSocket toggle certificates
Quote:
Originally Posted by
raszewski
I need to divide communication to unsecured mode and secured mode.
So don't call startServerEncryption() immediately.
Re: QSslSocket toggle certificates
It should works. But what should I used instead of startServerEncryption() ? QTcpServer->addPendingConnection(pSslSocket)?
Re: QSslSocket toggle certificates
You don't have to do anything. The moment you set the socket descriptor on Qt's socket, you're ready to read/write data to it. Once you know all the details required to establish encryption, call startServerEncryption().
