We bake cookies in your browser for a better experience. Using this site means that you consent.Read More
We bake cookies in your browser for a better experience. Using this site means that you consent.Read More
TheQSslConfiguration class holds the configuration and state of an SSL connectionMore...
| Header: | #include <QSslConfiguration> |
| Since: | Qt 4.4 |
Note: All functions in this class arereentrant.
| QSslConfiguration() | |
| QSslConfiguration(const QSslConfiguration & other) | |
| ~QSslConfiguration() | |
| QList<QSslCertificate> | caCertificates() const |
| QList<QSslCipher> | ciphers() const |
| bool | isNull() const |
| QSslCertificate | localCertificate() const |
| QSslCertificate | peerCertificate() const |
| QList<QSslCertificate> | peerCertificateChain() const |
| int | peerVerifyDepth() const |
| QSslSocket::PeerVerifyMode | peerVerifyMode() const |
| QSslKey | privateKey() const |
| QSsl::SslProtocol | protocol() const |
| QSslCipher | sessionCipher() const |
| void | setCaCertificates(const QList<QSslCertificate> & certificates) |
| void | setCiphers(const QList<QSslCipher> & ciphers) |
| void | setLocalCertificate(const QSslCertificate & certificate) |
| void | setPeerVerifyDepth(int depth) |
| void | setPeerVerifyMode(QSslSocket::PeerVerifyMode mode) |
| void | setPrivateKey(const QSslKey & key) |
| void | setProtocol(QSsl::SslProtocol protocol) |
| void | setSslOption(QSsl::SslOption option, bool on) |
| bool | testSslOption(QSsl::SslOption option) const |
| bool | operator!=(const QSslConfiguration & other) const |
| QSslConfiguration & | operator=(const QSslConfiguration & other) |
| bool | operator==(const QSslConfiguration & other) const |
| QSslConfiguration | defaultConfiguration() |
| void | setDefaultConfiguration(const QSslConfiguration & configuration) |
TheQSslConfiguration class holds the configuration and state of an SSL connection
QSslConfiguration is used by Qt networking classes to relay information about an open SSL connection and to allow the application to control certain features of that connection.
The settings thatQSslConfiguration currently supports are:
These settings are applied only during the connection handshake. Setting them after the connection has been established has no effect.
The state thatQSslConfiguration supports are:
The state can only be obtained once the SSL connection starts, but not necessarily before it's done. Some settings may change during the course of the SSL connection without need to restart it (for instance, the cipher can be changed over time).
State inQSslConfiguration objects cannot be changed.
QSslConfiguration can be used withQSslSocket and the Network Access API.
Note that changing settings inQSslConfiguration is not enough to change the settings in the related SSL connection. You must call setSslConfiguration on a modifiedQSslConfiguration object to achieve that. The following example illustrates how to change the protocol to TLSv1 in aQSslSocket object:
QSslConfiguration config= sslSocket.sslConfiguration();config.setProtocol(QSsl::TlsV1);sslSocket.setSslConfiguration(config);
QSslSocket,QNetworkAccessManager,QSslSocket::sslConfiguration(),QSslSocket::setSslConfiguration()
See alsoQSsl::SslProtocol,QSslCertificate,QSslCipher, andQSslKey.
Constructs an empty SSL configuration. This configuration contains no valid settings and the state will be empty.isNull() will return true after this constructor is called.
Once any setter methods are called,isNull() will return false.
Copies the configuration and state ofother. Ifother is null, this object will be null too.
Releases any resources held byQSslConfiguration.
Returns this connection's CA certificate database. The CA certificate database is used by the socket during the handshake phase to validate the peer's certificate. It can be modified prior to the handshake withsetCaCertificates(), or withQSslSocket'saddCaCertificate() andaddCaCertificates().
See alsosetCaCertificates().
Returns this connection's current cryptographic cipher suite. This list is used during the handshake phase for choosing a session cipher. The returned list of ciphers is ordered by descending preference. (i.e., the first cipher in the list is the most preferred cipher). The session cipher will be the first one in the list that is also supported by the peer.
By default, the handshake phase can choose any of the ciphers supported by this system's SSL libraries, which may vary from system to system. The list of ciphers supported by this system's SSL libraries is returned byQSslSocket::supportedCiphers(). You can restrict the list of ciphers used for choosing the session cipher for this socket by callingsetCiphers() with a subset of the supported ciphers. You can revert to using the entire set by callingsetCiphers() with the list returned byQSslSocket::supportedCiphers().
See alsosetCiphers() andQSslSocket::supportedCiphers().
[static]QSslConfiguration QSslConfiguration::defaultConfiguration()Returns the default SSL configuration to be used in new SSL connections.
The default SSL configuration consists of:
See alsoQSslSocket::supportedCiphers() andsetDefaultConfiguration().
Returns true if this is a nullQSslConfiguration object.
AQSslConfiguration object is null if it has been default-constructed and no setter methods have been called.
See alsosetProtocol(),setLocalCertificate(),setPrivateKey(),setCiphers(), andsetCaCertificates().
Returns the certificate to be presented to the peer during the SSL handshake process.
See alsosetLocalCertificate().
Returns the peer's digital certificate (i.e., the immediate certificate of the host you are connected to), or a null certificate, if the peer has not assigned a certificate.
The peer certificate is checked automatically during the handshake phase, so this function is normally used to fetch the certificate for display or for connection diagnostic purposes. It contains information about the peer, including its host name, the certificate issuer, and the peer's public key.
Because the peer certificate is set during the handshake phase, it is safe to access the peer certificate from a slot connected to theQSslSocket::sslErrors() signal,QNetworkReply::sslErrors() signal, or theQSslSocket::encrypted() signal.
If a null certificate is returned, it can mean the SSL handshake failed, or it can mean the host you are connected to doesn't have a certificate, or it can mean there is no connection.
If you want to check the peer's complete chain of certificates, usepeerCertificateChain() to get them all at once.
See alsopeerCertificateChain(),QSslSocket::sslErrors(),QSslSocket::ignoreSslErrors(),QNetworkReply::sslErrors(), andQNetworkReply::ignoreSslErrors().
Returns the peer's chain of digital certificates, starting with the peer's immediate certificate and ending with the CA's certificate.
Peer certificates are checked automatically during the handshake phase. This function is normally used to fetch certificates for display, or for performing connection diagnostics. Certificates contain information about the peer and the certificate issuers, including host name, issuer names, and issuer public keys.
Because the peer certificate is set during the handshake phase, it is safe to access the peer certificate from a slot connected to theQSslSocket::sslErrors() signal,QNetworkReply::sslErrors() signal, or theQSslSocket::encrypted() signal.
If an empty list is returned, it can mean the SSL handshake failed, or it can mean the host you are connected to doesn't have a certificate, or it can mean there is no connection.
If you want to get only the peer's immediate certificate, usepeerCertificate().
See alsopeerCertificate(),QSslSocket::sslErrors(),QSslSocket::ignoreSslErrors(),QNetworkReply::sslErrors(), andQNetworkReply::ignoreSslErrors().
Returns the maximum number of certificates in the peer's certificate chain to be checked during the SSL handshake phase, or 0 (the default) if no maximum depth has been set, indicating that the whole certificate chain should be checked.
The certificates are checked in issuing order, starting with the peer's own certificate, then its issuer's certificate, and so on.
See alsosetPeerVerifyDepth() andpeerVerifyMode().
Returns the verify mode. This mode decides whetherQSslSocket should request a certificate from the peer (i.e., the client requests a certificate from the server, or a server requesting a certificate from the client), and whether it should require that this certificate is valid.
The default mode is AutoVerifyPeer, which tellsQSslSocket to use VerifyPeer for clients, QueryPeer for servers.
See alsosetPeerVerifyMode().
Returns theSSL key assigned to this connection or a null key if none has been assigned yet.
See alsosetPrivateKey() andlocalCertificate().
Returns the protocol setting for this SSL configuration.
See alsosetProtocol().
Returns the socket's cryptographiccipher, or a null cipher if the connection isn't encrypted. The socket's cipher for the session is set during the handshake phase. The cipher is used to encrypt and decrypt data transmitted through the socket.
The SSL infrastructure also provides functions for setting the ordered list of ciphers from which the handshake phase will eventually select the session cipher. This ordered list must be in place before the handshake phase begins.
See alsociphers(),setCiphers(), andQSslSocket::supportedCiphers().
Sets this socket's CA certificate database to becertificates. The certificate database must be set prior to the SSL handshake. The CA certificate database is used by the socket during the handshake phase to validate the peer's certificate.
See alsocaCertificates().
Sets the cryptographic cipher suite for this socket tociphers, which must contain a subset of the ciphers in the list returned by supportedCiphers().
Restricting the cipher suite must be done before the handshake phase, where the session cipher is chosen.
See alsociphers() andQSslSocket::supportedCiphers().
[static]void QSslConfiguration::setDefaultConfiguration(constQSslConfiguration & configuration)Sets the default SSL configuration to be used in new SSL connections to beconfiguration. Existing connections are not affected by this call.
See alsoQSslSocket::supportedCiphers() anddefaultConfiguration().
Sets the certificate to be presented to the peer during SSL handshake to becertificate.
Setting the certificate once the connection has been established has no effect.
A certificate is the means of identification used in the SSL process. The local certificate is used by the remote end to verify the local user's identity against its list of Certification Authorities. In most cases, such as in HTTP web browsing, only servers identify to the clients, so the client does not send a certificate.
See alsolocalCertificate().
Sets the maximum number of certificates in the peer's certificate chain to be checked during the SSL handshake phase, todepth. Setting a depth of 0 means that no maximum depth is set, indicating that the whole certificate chain should be checked.
The certificates are checked in issuing order, starting with the peer's own certificate, then its issuer's certificate, and so on.
See alsopeerVerifyDepth() andsetPeerVerifyMode().
Sets the verify mode tomode. This mode decides whetherQSslSocket should request a certificate from the peer (i.e., the client requests a certificate from the server, or a server requesting a certificate from the client), and whether it should require that this certificate is valid.
The default mode is AutoVerifyPeer, which tellsQSslSocket to use VerifyPeer for clients, QueryPeer for servers.
See alsopeerVerifyMode().
Sets the connection's privatekey tokey. The private key and the localcertificate are used by clients and servers that must prove their identity to SSL peers.
Both the key and the local certificate are required if you are creating an SSL server socket. If you are creating an SSL client socket, the key and local certificate are required if your client must identify itself to an SSL server.
See alsoprivateKey() andsetLocalCertificate().
Sets the protocol setting for this configuration to beprotocol.
Setting the protocol once the connection has already been established has no effect.
See alsoprotocol().
Enables or disables an SSL compatibility option.
See alsotestSSlOption().
Returns true if the specified SSL compatibility option is enabled.
This function was introduced in Qt 4.8.
See alsotestSSlOption().
Returns true if thisQSslConfiguration differs fromother. TwoQSslConfiguration objects are considered different if any state or setting is different.
See alsooperator==().
Copies the configuration and state ofother. Ifother is null, this object will be null too.
Returns true if thisQSslConfiguration object is equal toother.
TwoQSslConfiguration objects are considered equal if they have the exact same settings and state.
See alsooperator!=().
© 2016 The Qt Company Ltd. Documentation contributions included herein are the copyrights of their respective owners. The documentation provided herein is licensed under the terms of theGNU Free Documentation License version 1.3 as published by the Free Software Foundation. Qt and respective logos are trademarks of The Qt Company Ltd. in Finland and/or other countries worldwide. All other trademarks are property of their respective owners.