//called during the validation of the client certificate. void OwncloudSetupPage::slotCertificateAccepted() { QSslCertificate sslCertificate; resultP12ToPem certif = p12ToPem(addCertDial->getCertificatePath().toStdString() , addCertDial->getCertificatePasswd().toStdString()); if(certif.ReturnCode){ QString s = QString::fromStdString(certif.Certificate); QByteArray ba = s.toLocal8Bit(); QList<QSslCertificate> sslCertificateList = QSslCertificate::fromData(ba, QSsl::Pem); sslCertificate = sslCertificateList.takeAt(0); _ocWizard->ownCloudCertificate = ba; _ocWizard->ownCloudPrivateKey = certif.PrivateKey.c_str(); _ocWizard->ownCloudCertificatePath = addCertDial->getCertificatePath(); _ocWizard->ownCloudCertificatePasswd = addCertDial->getCertificatePasswd(); AccountPtr acc = _ocWizard->account(); acc->setCertificate(_ocWizard->ownCloudCertificate, _ocWizard->ownCloudPrivateKey); addCertDial->reinit(); validatePage(); } else { QString message; message = certif.Comment.c_str(); addCertDial->showErrorMessage(message); addCertDial->show(); } }
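/**
 * Returns the SSL configuration to use for this account.
 *
 * If a shared configuration has already been set it is returned unchanged.
 * Otherwise a configuration is built from the default one; when a client
 * certificate and private key are available (either already set on the
 * account or loaded from the PKCS#12 bundle named in the config file) they
 * are installed, and TLS session reuse is enabled on Qt versions newer than
 * 5.2.0.
 *
 * Side effect: a successful conversion of the configured PKCS#12 bundle
 * calls setCertificate() on this account.
 */
QSslConfiguration Account::getOrCreateSslConfig()
{
    if (!_sslConfiguration.isNull()) {
        // Will be set by CheckServerJob::finished()
        // We need to use a central shared config to get SSL session tickets
        return _sslConfiguration;
    }

    // if setting the client certificate fails, you will probably get an error similar to this:
    // "An internal error number 1060 happened. SSL handshake failed, client certificate was requested: SSL error: sslv3 alert handshake failure"
    QSslConfiguration sslConfig = QSslConfiguration::defaultConfiguration();

    // NOTE(review): the PKCS#12 passphrase is read back from ConfigFile. How it
    // is stored at rest is not visible here; confirm it is not kept in plain
    // text next to the bundle it protects.
    ConfigFile cfgFile;
    if (!cfgFile.certificatePath().isEmpty() && !cfgFile.certificatePasswd().isEmpty()) {
        const resultP12ToPem certif = p12ToPem(cfgFile.certificatePath().toStdString(),
                                               cfgFile.certificatePasswd().toStdString());
        if (certif.ReturnCode) {
            const QString pemText = QString::fromStdString(certif.Certificate);
            this->setCertificate(pemText.toLocal8Bit(), QString::fromStdString(certif.PrivateKey));
        } else {
            // Previously the result was used without checking ReturnCode, so a
            // failed conversion replaced any certificate already set on the
            // account with whatever the converter left in its result.
            qWarning() << "Could not convert the configured client certificate to PEM";
        }
    }

    if (!_pemCertificate.isEmpty() && !_pemPrivateKey.isEmpty()) {
        // Read certificates
        const QList<QSslCertificate> sslCertificateList =
            QSslCertificate::fromData(_pemCertificate, QSsl::Pem);

        // Read key from the stored PEM text.
        // NOTE(review): the algorithm is fixed to RSA, so a key of another type
        // yields a null QSslKey and is skipped by the check below.
        const QSslKey privateKey(_pemPrivateKey.toLocal8Bit(), QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey, "");

        // SSL configuration
        sslConfig.setCaCertificates(QSslSocket::systemCaCertificates());

        // Install the pair only when both parsed; the original installed a null
        // certificate/key and still logged success when parsing failed.
        if (!sslCertificateList.isEmpty() && !privateKey.isNull()) {
            sslConfig.setLocalCertificate(sslCertificateList.first());
            sslConfig.setPrivateKey(privateKey);
            qDebug() << "Added SSL client certificate to the query";
        } else {
            qWarning() << "Client certificate or private key could not be parsed; no client certificate is used";
        }
    }

#if QT_VERSION > QT_VERSION_CHECK(5, 2, 0)
    // Try hard to re-use session for different requests
    sslConfig.setSslOption(QSsl::SslOptionDisableSessionTickets, false);
    sslConfig.setSslOption(QSsl::SslOptionDisableSessionSharing, false);
    sslConfig.setSslOption(QSsl::SslOptionDisableSessionPersistence, false);
#endif

    return sslConfig;
}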