openssl构建单双向https认证

双向认证:
一、服务器端 参考文章
https://blog.csdn.net/chuzhi78/article/details/76877935

生成双向验证的pem
openssl pkcs12 -in server/certs/server-cert.p12 -clcerts -nokeys -out server/certs/server-cert.pem

二、客户端
windows提前需要安装OpenSSL

QT5.12.10参考文章
http://www.suoniao.com/article/5ed8f015b7460000f100688f
https://www.jianshu.com/p/0f9d365c3375

bool NetworkManager::init(){
    // 发送https请求前准备工作;
    QByteArray password = "";
    QFile pkcs("D:/user/client-cert.p12");
    bool import =pkcs.open(QFile::ReadOnly);

    QSslKey key;
    QSslCertificate cert;
    QList certs;
    import =QSslCertificate::importPkcs12(&pkcs,&key,&cert,&certs,password);
    pkcs.close();

    config.setPrivateKey(key);
    config.setLocalCertificate(cert);

    QFile peerFile("D:/user/server-cert.pem");
    import &= peerFile.open(QIODevice::ReadOnly);
    QSslCertificate peerCert(peerFile.readAll(), QSsl::Pem);
    config.setPeerVerifyMode(QSslSocket::VerifyPeer);
    config.setPeerVerifyDepth(1);

    QList caCerts;
    caCerts << peerCert;
    config.setCaCertificates(caCerts);

    config.setProtocol(QSsl::TlsV1SslV3);
    return import;
}

你可能感兴趣的:(openssl构建单双向https认证)