我正在尝试编写一个使用全新 QWebSockets 的应用程序。
到目前为止,我想实现安全的 Web 套接字,但示例指向我拒绝 SSL 错误,即使他们评论说它是不安全的。
我的问题是:我应该如何在客户端处理 SSL 证书的控制,甚至是自签名证书?在这种情况下,最佳实践是什么?
仅供参考,这里有一个指向QWebSocket 类发出的 QSSLErrors的链接。
不幸的是,当我打印它们时, webSocket.sslConfiguration().peerCertificate() 返回空值。
问问题
617 次
1 回答
0
Very broad, but you shouldn't trust all certificates, or bypass hostname checking in HTTPS. You don't need to verify the certificate itself, as the library should do that. You should also check that the subjectDN of the certificate is the one you're expecting to see, unless you're using HTTPS which does that for you (hostname check).
于 2014-06-06T22:37:24.900 回答