我在 apache 上安装了一个真正购买的 comodo positive ssl 证书,并通过网站https://www.sslshopper.com/ssl-checker.html检查了正确的安装 ,证书是 5 个文件
AddTrust_External_CA_Root.crt
COMODO_RSA_Certification_Authority.crt
sslserver.crt
sslserver.key
sslserver.ca-bundle
当我尝试通过控制台中的 chrome 连接到我的服务器时,出现以下错误:
WebSocket 连接到“wss://192.165.10.70:5870/”失败:连接建立错误:net::ERR_CERT_COMMON_NAME_INVALID
在服务器端:
现在监听 0.0.0.0:5870 ("COMODO CA Limited") ("COMODO RSA Domain Validation Secure Server CA") ("GB") 新连接 peerCertificate QSslCertificate("", "", "1B2C1Y8AsgApgBmY7PhCtg==", () , (), QMap(), QDateTime(无效), QDateTime(无效))
对等名称“”
加密数据
加密
错误“远程主机关闭了连接”
错误:无法接收消息(远程主机关闭连接)
js客户端:
<script type="text/javascript">
let socket = new WebSocket("wss://192.165.10.70:5870");
socket.onmessage = function(response) {
console.log(response.data);
}
socket.onopen = function() {
socket.send("hi");
}
socket.onclose = function(e) {
if(e.wasClean) {
console.log('Close server connect');
}
else {
console.log('connect fail');
}
console.log('error: ' + e.code + ' reason: ' + e.reason);
}
socket.onerror = function(err) {
console.log('error: '+err.message);
}
</script>
数量:
void ServerExample::run()
{
QHostAddress address = QHostAddress::Any;
quint16 port = 5870;
SslServer sslServer;
sslServer.setSslLocalCertificate("C:\\Users\\Adm\\Documents\\Server\\sslserver.pem");
sslServer.setSslPrivateKey("C:\\Users\\Adm\\Documents\\Server\\sslserver.key");
sslServer.setSslProtocol(QSsl::TlsV1_2);
if (sslServer.listen(address, port))
qDebug().nospace() << "Now listening on " << qPrintable(address.toString()) << ":" << port;
else
qDebug().nospace() << "ERROR: could not bind to " << qPrintable(address.toString()) << ":" << port;
if (sslServer.waitForNewConnection(-1)) // Wait until a new connection is received, -1 means no timeout
{
qDebug() << "New connection";
QSslSocket *sslSocket = dynamic_cast<QSslSocket*>(sslServer.nextPendingConnection());
qDebug() << "peerCertificate " << sslSocket->peerCertificate();
qDebug() << "peerName " << sslSocket->peerName();
QObject::connect(sslSocket, &QSslSocket::encrypted, [](){
qDebug() << "encrypted";
});
if (sslSocket->waitForReadyRead(-1))
{
QByteArray message = sslSocket->readAll();
qDebug() << "Message:" << QString(message);
sslSocket->disconnectFromHost();
sslSocket->waitForDisconnected();
qDebug() << "Disconnected";
}
else
{
qDebug().nospace() << "ERROR: could not receive message (" << qPrintable(sslSocket->errorString()) << ")";
}
}
else
{
qDebug().nospace() << "ERROR: could not establish encrypted connection (" << qPrintable(sslServer.errorString()) << ")";
}
this->deleteLater();
QThread::currentThread()->quit();
qApp->exit();
}
void SslServer::incomingConnection(qintptr socketDescriptor)
{
QSslSocket *sslSocket = new QSslSocket(this);
sslSocket->setSocketDescriptor(socketDescriptor);
qDebug() << m_sslLocalCertificate.issuerInfo(QSslCertificate::Organization);
qDebug() << m_sslLocalCertificate.issuerInfo(QSslCertificate::CommonName);
qDebug() << m_sslLocalCertificate.issuerInfo(QSslCertificate::CountryName);
sslSocket->setLocalCertificate(m_sslLocalCertificate);
sslSocket->setPrivateKey(m_sslPrivateKey);
sslSocket->setProtocol(m_sslProtocol);
sslSocket->setPeerVerifyMode(QSslSocket::VerifyNone);
sslSocket->startServerEncryption();
QObject::connect(sslSocket, &QSslSocket::encrypted, [=](){
qDebug() << "encrypted data";
});
QObject::connect(sslSocket, static_cast<void (QSslSocket::*)(QAbstractSocket::SocketError)>(&QAbstractSocket::error), [sslSocket] (QAbstractSocket::SocketError) {
qDebug()<< "ERROR " << sslSocket->errorString();
});
QObject::connect(sslSocket, &QSslSocket::peerVerifyError, [sslSocket](QSslError err){
qDebug()<< "ERROR " << err.errorString();
});
QObject::connect(sslSocket, SIGNAL(sslErrors(const QList<QSslError> &)), this, SLOT(sslErrorst(const QList<QSslError> &)));
connect(sslSocket, &QSslSocket::hostFound, [](){
qDebug() << "host";
});
this->addPendingConnection(sslSocket);
}
看了类似的文章,没有一个没有解决办法,如何正确使用comodo证书?