程序需要通过HTTPS访问一个cgi程序,出现错误:QNetworkReply::SslHandshakeFailedError
wireshark抓取通过IE访问该页面和执行程序访问该页面的包,没有看到明显差异。但使用IE访问时,会提示certificationerror,需要选择继续访问才能访问该页面。
经过一番搜索和尝试,发现将QSslConfiguration中的peerverify mode设置为QSslSocket::VerfifyNone后问题解决。缺省mode为AutoVerifyPeer。QtAssistant上的描述是:
enum QSslSocket::PeerVerifyMode
Describes the peer verification modes for QSslSocket.The default mode is AutoVerifyPeer, which selects an appropriatemode depending on the socket's QSocket::SslMode.
| Constant | Value | Description |
|---|---|---|
| QSslSocket::VerifyNone | 0 | QSslSocket willnot request a certificate from the peer. You can set this mode ifyou are not interested in the identity of the other side of theconnection. The connection will still be encrypted, and your socketwill still send its local certificate to the peer if it'srequested. |
| QSslSocket::QueryPeer | 1 | QSslSocket willrequest a certificate from the peer, but does not require thiscertificate to be valid. This is useful when you want to displaypeer certificate details to the user without affecting the actualSSL handshake. This mode is the default for servers. |
| QSslSocket::VerifyPeer | 2 | QSslSocket willrequest a certificate from the peer during the SSL handshake phase,and requires that this certificate is valid. Onfailure, QSslSocket willemit theQSslSocket::sslErrors()signal. This mode is the default for clients. |
| QSslSocket::AutoVerifyPeer | 3 | QSslSocket willautomatically use QueryPeer for server sockets and VerifyPeer forclient sockets. |
This enum was introduced or modified in Qt 4.4.
See also QSslSocket::peerVerifyMode().
manager= new QNetworkAccessManager;
QNetworkRequest request;
QString url = tr("https://username:password@%1%2").arg(curEnb.enbIp).arg(cgiPathMap["ENABLESSH"]);
request.setUrl(QUrl(url));
QSslConfiguration config =QSslConfiguration::defaultConfiguration();
config.setProtocol(QSsl::TlsV1);
config.setPeerVerifyMode(QSslSocket::VerifyNone);
request.setSslConfiguration(config);
if(enableDebug)
{
logTab->append(tr("QNetworkRequest::Attribute"));
parseNetRequestAttribute(&request);
}
reply = manager->get(request);
if(enableDebug)
{
logTab->append(tr("GET%1").arg(reply->url().toString()));
}
connect(manager, SIGNAL(finished(QNetworkReply*)), this,SLOT(onNetManagerFinished(QNetworkReply*)));
connect(reply, SIGNAL(error(QNetworkReply::NetworkError)), this,SLOT(onNetReplyError(QNetworkReply::NetworkError)));
connect(reply, SIGNAL(sslErrors(QList&)), this,SLOT(onNetReplySshErrors(QList&)));