if(isCertValid()) {
serverSocket->setLocalCertificate(_cert);
serverSocket->setPrivateKey(_key);
+ serverSocket->addCaCertificates(_ca);
}
_pendingConnections << serverSocket;
emit newConnection();
<< "error:" << certFile.error();
return false;
}
- _cert = QSslCertificate(&certFile);
+
+ QList<QSslCertificate> certList = QSslCertificate::fromDevice(&certFile);
+
+ if (certList.isEmpty()) {
+ quWarning() << "SslServer: Certificate file doesn't contain a certificate";
+ return false;
+ }
+
+ _cert = certList[0];
+ certList.removeFirst(); // remove server cert
+
+ // store CA and intermediates certs
+ _ca = certList;
if(!certFile.reset()) {
quWarning() << "SslServer: IO error reading certificate file";
return false;
}
if(!_cert.isValid()) {
- quWarning() << "SslServer: Invalid certificate";
- return false;
+ quWarning() << "SslServer: Invalid certificate (most likely expired)";
}
if(_key.isNull()) {
quWarning() << "SslServer:" << qPrintable(path) << "contains no key data";