May 12, 2011

PSI-lbc PSI-lbc
Lab Rat
39 posts

HTTPS via Qt QWebView not working in all cases

 

I started this on the general forum but decided to add it here as well because this seems to be the more appropriate venue.

More details about the problem can be found on that thread..
http://developer.qt.nokia.com/forums/viewthread/5775/

Thinking that maybe it was code in my existing project causing the problem, I created a brand new project. The project only has the main window that contains a QWebView widget. Project was created using Qt Creator 2.2.

  1. #-------------------------------------------------
  2. #
  3. # Project created by QtCreator 2011-05-11T07:33:27
  4. #
  5. #-------------------------------------------------
  6.  
  7. QT += core gui
  8. QT += webkit
  9.  
  10. TARGET = TestStuff
  11. TEMPLATE = app
  12.  
  13.  
  14. SOURCES += main.cpp\
  15.         MainWindow.cpp
  16.  
  17. HEADERS  += MainWindow.h
  18.  
  19. FORMS    += MainWindow.ui

This is painfully simple. Just executing one line of code…the “ui->webView->load”.

  1. #include "MainWindow.h"
  2. #include "ui_MainWindow.h"
  3.  
  4. MainWindow::MainWindow(QWidget *parent) :
  5.     QMainWindow(parent),
  6.     ui(new Ui::MainWindow)
  7. {
  8.     ui->setupUi(this);
  9.  
  10. //**this line loads a simple html file and displays it.  Doing a "form POST" from within the loaded html to a secure https website does not work.
  11.     //ui->webView->load( QUrl::fromLocalFile(QApplication::applicationDirPath() + "/" + "Help" + "/" + "h-2BuyButton-SFA.html") );
  12.  
  13. //**this line works fine.  The qt.gitorious.org https website opens and displays in the webview
  14.     //ui->webView->load(QUrl("https://qt.gitorious.org/"));
  15.  
  16. //**this line does not work. Actual url elided.  Nothing is loaded or displayed in the webview
  17. .
  18.     ui->webView->load(QUrl("https://mysecure.gateway.com/really.secure"));
  19.  
  20. }
  21.  
  22. MainWindow::~MainWindow()
  23. {
  24.     delete ui;
  25. }

I can open the simple html file with Internet Explorer and it will display. When I click a “buy” button, my secure https website opens at the order entry page.

I can open Internet Explorer and paste the “https://qt.gitorious.org/” url into the navigate to bar and visit the Qt https website.

I can open Internet Explorer and paste the “https://mysecure.gateway.com/really.secure” url into the the navigate to bar and visit my https order processing website.

So what is preventing the webview from visiting my https order processing website?

Why does loading one https website work, but not the other?

I also tried the complete project(not the downsized project shown above) on a Mac with the same results.

Is this a bug that needs to be reported?

7 replies

May 13, 2011

PSI-lbc PSI-lbc
Lab Rat
39 posts

Evidently this problem has been around for a while. Found a thread on the Qt Centre forum from 2009 that was experiencing something similar. Was able to tweak code as follows…

In my “form” instantiation, I connected the qwebview’s qnam to the appropriate signal and slot before loading the https url into the webview…

  1.   connect(ui->webView->page()->networkAccessManager(),
  2.           SIGNAL(sslErrors(QNetworkReply*, const QList<QSslError> & )),
  3.           this,
  4.           SLOT(sslErrorHandler(QNetworkReply*, const QList<QSslError> & )));

In the .h

  1. void sslErrorHandler(QNetworkReply* qnr, const QList<QSslError> & errlist);

In the .cpp

  1. void frmBuyIt::sslErrorHandler(QNetworkReply* qnr, const QList<QSslError> & errlist)
  2. {
  3.  
  4.   #if DEBUG_BUYIT
  5.   qDebug() << "---frmBuyIt::sslErrorHandler: ";
  6.   // show list of all ssl errors
  7.   foreach (QSslError err, errlist)
  8.     qDebug() << "ssl error: " << err;
  9.   #endif
  10.  
  11.    qnr->ignoreSslErrors();
  12. }

The ssl errors happen and are ignored…which allows my https webpage to load.

November 10, 2011

pekwood pekwood
Lab Rat
1 posts

I meet the smae issue. I will try on the way, thx.

December 12, 2011

viktor.benei viktor.benei
Lab Rat
39 posts

Same problem here, and cannot find any other solution except the ignoreSslErrors() which is a dirty hack especially for our system which stores personal informations.

December 12, 2011

peppe peppe
Ant Farmer
1026 posts
  • Qt DevNet Moderator
  • Certified Specialist

What’s that supposed to mean? Are you 100% sure that your server certificate should be regarded as valid by Qt?

 Signature 

Software Engineer
KDAB (UK) Ltd., a KDAB Group company

December 13, 2011

viktor.benei viktor.benei
Lab Rat
39 posts

What I tried: with the same communication code (based on QNetworkAccessManager) https://twitter.com can be reqested and it doesn’t emit the sslErrors(…) signal. But it does for our site.

The site’s certificate is accepted by Google Chrome, Internet Explorer, Opera, Firefox, … But QNetworkAccessManager emits sslErrors(…) with these QSslErrors:

  1. BaseNetworkRequest::_sslErrors : Error:  "The issuer certificate of a locally looked up certificate could not be found"
  2. BaseNetworkRequest::_sslErrors : Error:  "The root CA certificate is not trusted for this purpose"
  3. BaseNetworkRequest::_sslErrors : Error:  "No certificates could be verified"

I tried to manually add the cert to the request, but it still emits these SslErrors.

  1.     QFile certFile(QString(":/aw_cert4_der"));
  2.     Q_ASSERT(certFile.open(QIODevice::ReadOnly));
  3.     QByteArray certContent = certFile.readAll();
  4.     DLog("Cert: ") << certContent;
  5.     QSslCertificate cert(certContent, QSsl::Der);
  6.  
  7.     DLog("Is cert valid: ") << cert.isValid();
  8.     DLog("Cert info: ") << cert.effectiveDate() << cert.expiryDate() << cert.issuerInfo(QSslCertificate::Organization);
  9.  
  10.     QSslConfiguration sslConfig = networkRequest->sslConfiguration();
  11.     QList<QSslCertificate> caCerts = sslConfig.caCertificates();
  12.     caCerts.append(cert);
  13.     sslConfig.setCaCertificates(caCerts);
  14.     networkRequest->setSslConfiguration(sslConfig);

cert.isValid() return true, and I can get the effectiveDate and the other certificate information and are all correct.

Am I missing something? I Googled a lot and the only solution I found is to call the QNetworkReply’s ignoreSslErrors() method, which works, but I don’t want to use it if I not have to.

June 11, 2012

Jason.Dolan Jason.Dolan
Lab Rat
14 posts

Has this been submitted as a bug to QT?

We are getting this within our project as well but can’t determine if it’s an issue on our side or if the site we’re connecting to has an invalid certificate. Connecting to them via firefox seems to work fine 9 times out of 10 (where the tenth time firefox shows a “untrusted certificate” error).

February 17, 2013

kmansh kmansh
Lab Rat
2 posts

Hi,

I do not understand if there is a solution to the above problem ?

I am using Qt4.8.3. some Https pages are loaded other do not, and for those not, I do not get any ssl

errors, so It is hard to find where the problem is.

Does anyone have a solution ? Any help would be great.

Thanks

 
  ‹‹ What ’s the system level api inside QApplication that QNetworkRequest utilize?      Equivalent direct webkit API for QtWebkit functionality ››

You must log in to post a reply. Not a member yet? Register here!

 
Selected by the fine Qt Content Robot based on tags and ratings.

Possibly related content

Forum posts and FAQ