双向认证:
一、服务器端 参考文章
https://blog.csdn.net/chuzhi78/article/details/76877935
生成双向验证的pem
openssl pkcs12 -in server/certs/server-cert.p12 -clcerts -nokeys -out server/certs/server-cert.pem
二、客户端
windows提前需要安装OpenSSL
QT5.12.10参考文章
http://www.suoniao.com/article/5ed8f015b7460000f100688f
https://www.jianshu.com/p/0f9d365c3375
bool NetworkManager::init(){
// 发送https请求前准备工作;
QByteArray password = "";
QFile pkcs("D:/user/client-cert.p12");
bool import =pkcs.open(QFile::ReadOnly);
QSslKey key;
QSslCertificate cert;
QList<QSslCertificate> certs;
import =QSslCertificate::importPkcs12(&pkcs,&key,&cert,&certs,password);
pkcs.close();
config.setPrivateKey(key);
config.setLocalCertificate(cert);
QFile peerFile("D:/user/server-cert.pem");
import &= peerFile.open(QIODevice::ReadOnly);
QSslCertificate peerCert(peerFile.readAll(), QSsl::Pem);
config.setPeerVerifyMode(QSslSocket::VerifyPeer);
config.setPeerVerifyDepth(1);
QList<QSslCertificate> caCerts;
caCerts << peerCert;
config.setCaCertificates(caCerts);
config.setProtocol(QSsl::TlsV1SslV3);
return import;
}
网友评论