post

Ignore SSL Certificates in QT

I’ve been rebuilding our check-in application for Fresh Vine this past week in QT. Moving away from Adobe Air has been a while coming since it seems like they are abandoning the environment. Developing our app in HTML5/JS/CSS will allow our team to fix/improve the app more rapidly.

As a part of my dev environment I’m using a locally hosted version of our API (using the Hosts file to direct it local). The issue is that QT checks for the validity of SSL certificates, and I am using a self signed cert in development. Being that my remote file requests come from javascript, I could not simply catch the exception and manually override it. I needed to keep QT from looking for certificates all together.

The below code was difficult to find, so here is to hoping it helps someone else. It alters the configuration of the SSL handler for QT in your app. We are going to comment it out before production to ensure no funny business happens, but for dev this is perfect.

Hope this helps some other poor soul out there strugling to dev out locally. Please don’t leave it in when publishing releases.

The goes at the top of your app’s *.cpp file.

#include <QSslConfiguration>

The goes in your primary app function. I believe the default is main(). I placed it after  `QApplication` and before we instantiated our viewer (`Html5ApplicationViewer` in our case). Setting the PeerVerifyMode allows you to disable any checks for the cert.

int main(int argc, char *argv[]){
    QApplication app(argc, argv);
    ...

    // Ignore SSL Errors [Comment out before production]
    QSslConfiguration sslConf = QSslConfiguration::defaultConfiguration();
    sslConf.setPeerVerifyMode(QSslSocket::VerifyNone);
    QSslConfiguration::setDefaultConfiguration(sslConf);

    ...
    // Load the viewer to hold the application
    Html5ApplicationViewer viewer;
}