-void SslServer::incomingConnection(int socketDescriptor) {
- QSslSocket *serverSocket = new QSslSocket(this);
- if(serverSocket->setSocketDescriptor(socketDescriptor)) {
- if(certIsValid()) {
- serverSocket->setLocalCertificate(_cert);
- serverSocket->setPrivateKey(_key);
+
+bool SslServer::setCertificate(const QString &path, const QString &keyPath)
+{
+ _isCertValid = false;
+
+ if (path.isEmpty())
+ return false;
+
+ QFile certFile(path);
+ if (!certFile.exists()) {
+ quWarning() << "SslServer: Certificate file" << qPrintable(path) << "does not exist";
+ return false;
+ }
+
+ if (!certFile.open(QIODevice::ReadOnly)) {
+ quWarning()
+ << "SslServer: Failed to open certificate file" << qPrintable(path)
+ << "error:" << certFile.error();
+ return false;
+ }
+
+ QList<QSslCertificate> certList = QSslCertificate::fromDevice(&certFile);
+
+ if (certList.isEmpty()) {
+ quWarning() << "SslServer: Certificate file doesn't contain a certificate";
+ return false;
+ }
+
+ _cert = certList[0];
+ certList.removeFirst(); // remove server cert
+
+ // store CA and intermediates certs
+ _ca = certList;
+
+ if (!certFile.reset()) {
+ quWarning() << "SslServer: IO error reading certificate file";
+ return false;
+ }
+
+ // load key from keyPath if it differs from path, otherwise load key from path
+ if(path != keyPath) {
+ QFile keyFile(keyPath);
+ if(!keyFile.exists()) {
+ quWarning() << "SslServer: Key file" << qPrintable(keyPath) << "does not exist";
+ return false;
+ }
+
+ if (!keyFile.open(QIODevice::ReadOnly)) {
+ quWarning()
+ << "SslServer: Failed to open key file" << qPrintable(keyPath)
+ << "error:" << keyFile.error();
+ return false;
+ }
+
+ _key = QSslKey(&keyFile, QSsl::Rsa);
+ keyFile.close();
+ } else {
+ _key = QSslKey(&certFile, QSsl::Rsa);
+ }
+
+ certFile.close();
+
+ if (_cert.isNull()) {
+ quWarning() << "SslServer:" << qPrintable(path) << "contains no certificate data";
+ return false;