I'm working on a Qt application which communicate with my web browser (currently Google Chrome) through a WebSocket.
Everything was working fine until I tried to use secured websockets...
I managed to resolve the issues I had with OpenSSL, so now I should have a working Qt application, but I don't.
I'm using VS2013, and Qt 5.3. I have the following code to start my server:
MyClass::MyClass (quint16 port, QObject *parent) :
QWebSocketServer("Press And Listen Server", QWebSocketServer::SecureMode, parent) {
QSslConfiguration sslConfiguration;
QFile certFile (QStringLiteral ("localhost.crt"));
QFile keyFile (QStringLiteral ("localhost.key"));
certFile.open (QIODevice::ReadOnly);
keyFile.open (QIODevice::ReadOnly);
QSslCertificate certificate (&certFile, QSsl::Pem);
QSslKey sslKey (&keyFile, QSsl::Rsa, QSsl::Pem);
certFile.close ();
keyFile.close ();
sslConfiguration.setPeerVerifyMode (QSslSocket::VerifyNone);
sslConfiguration.setLocalCertificate (certificate);
sslConfiguration.setPrivateKey (sslKey);
sslConfiguration.setProtocol (QSsl::TlsV1SslV3);
this->setSslConfiguration (sslConfiguration);
if (!this->listen (QHostAddress::Any, port)) {
throw ServerNotStartedException () ;
}
qDebug () << "Server listenning on: " << port ;
connect (this, &QWebSocketServer::newConnection, this, &MyClass::onNewConnection);
connect (this, &QWebSocketServer::closed, this, &MyClass::onClose);
connect (this, &QWebSocketServer::sslErrors, this, &MyClass::onSslErrors);
}
I created the certificate files using the following method: https://developer.salesforce.com/blogs/developer-relations/2011/05/generating-valid-self-signed-certificates.html
On the browser side, I only have:
var websock = websock = new WebSocket('wss://localhost:52132');
websock.onerror = function (error) {
console.log('Press & Listen, WS Error: ' + error);
};
websock.onopen = function () {
console.log('Open!');
};
Unfortunately, everytime I tried, I got the following JS message:
WebSocket connection to 'wss://localhost:52132/' failed: Error in connection establishment: net::ERR_TIMED_OUT
So far:
QSslSocket::supportsSsl ()
returns true
QSslSocket: cannot resolve XXX method
messagesOpenSSL DLLs are loaded, VS2013 output the following messages:
'MyProject.exe' (Win32): Loaded 'I:\Sources\VS2013\x64\Release\ssleay32.dll'. Cannot find or open the PDB file. 'PressAndListenQt.exe' (Win32): Loaded 'I:\Sources\VS2013\x64\Release\libeay32.dll'. Cannot find or open the PDB file.`
I don't know how to find what's wrong, so I'm open to any suggestion!
Edit: I tried to generate a self-signed certificate using the following (instead of the link above):
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 100 -nodes
Now I get another error:
WebSocket connection to 'wss://localhost:52132/' failed: WebSocket opening handshake was canceled
Q2) Server side is not Qt Code and client side is Qt. does it in secure web socket connection? (i.e. server Socket and client Socket are independent of programming Language for connection or not?) NOTE: i'm able to connect with same server using none secure connection. It looks like your certificate isn't made for this server.
Qt WebSockets enables you to build WebSocket-aware applications. It provides an implementation for the WebSocket protocol, which is offered by IETF (Internet Engineering Task Force) as a better alternative for bidirectional communication using the existing web infrastructure.
Websockets allow us to achieve real-time communication among different clients connected to a server. A lot of people are unaware of how to secure their websockets against some very common attacks. Let us see what they are and what should you do to protect your websockets.
From WebChannel.js, WebChannel takes QML WebSocket as input. I tried passing a C++ side created WebSocket to it but it doesnt work. It gives error from the JS file itself.
According to your problem statement
There is a sample code in Qt \Examples\Qt-5.x\websockets\sslechoserver also an html file with websocket html code. If we run above sample and look at the web-socket reply it will give error code 1006 Error Codes.
I have looked at the errors occurred and i think it may be because you have not hosted your html code on secure web-server(non https). I suggest you to host your html file on webserver and map it with your certificates for https secure browsing.
Connection termination may be because of insecure sockets or certificate mismatch.
Browser Console
WebSocket connection to 'wss://localhost:1234/' failed: Error in connection establishment: net::ERR_INSECURE_RESPONSE
Browser trace for URL Request
t=11880 [st= 0] +REQUEST_ALIVE [dt=17]
t=11880 [st= 0] URL_REQUEST_DELEGATE [dt=1]
t=11881 [st= 1] +URL_REQUEST_START_JOB [dt=16]
--> load_flags = 18 (BYPASS_CACHE | DISABLE_CACHE)
--> method = "GET"
--> priority = "LOWEST"
--> url = "wss://localhost:1234/"
t=11881 [st= 1] URL_REQUEST_DELEGATE [dt=0]
t=11881 [st= 1] HTTP_CACHE_GET_BACKEND [dt=0]
t=11881 [st= 1] +HTTP_STREAM_REQUEST [dt=15]
t=11881 [st= 1] HTTP_STREAM_REQUEST_STARTED_JOB
--> source_dependency = 6025 (HTTP_STREAM_JOB)
t=11896 [st=16] HTTP_STREAM_REQUEST_BOUND_TO_JOB
--> source_dependency = 6025 (HTTP_STREAM_JOB)
t=11896 [st=16] -HTTP_STREAM_REQUEST
t=11896 [st=16] URL_REQUEST_DELEGATE [dt=1]
t=11897 [st=17] CANCELLED
--> net_error = -501 (ERR_INSECURE_RESPONSE)
t=11897 [st=17] -URL_REQUEST_START_JOB
--> net_error = -501 (ERR_INSECURE_RESPONSE)
t=11897 [st=17] URL_REQUEST_DELEGATE [dt=0]
t=11897 [st=17] -REQUEST_ALIVE
Browser trace for Http Stream
t=11881 [st= 0] +HTTP_STREAM_JOB [dt=15]
--> alternative_service = "unknown :0"
--> original_url = "wss://localhost:1234/"
--> priority = "LOWEST"
--> source_dependency = 6024 (URL_REQUEST)
--> url = "wss://localhost:1234/"
t=11881 [st= 0] +PROXY_SERVICE [dt=0]
t=11881 [st= 0] PROXY_SERVICE_RESOLVED_PROXY_LIST
--> pac_string = "DIRECT"
t=11881 [st= 0] PROXY_SERVICE_DEPRIORITIZED_BAD_PROXIES
--> pac_string = "DIRECT"
t=11881 [st= 0] -PROXY_SERVICE
t=11881 [st= 0] +SOCKET_POOL [dt=15]
t=11896 [st=15] SOCKET_POOL_BOUND_TO_CONNECT_JOB
--> source_dependency = 6026 (CONNECT_JOB)
t=11896 [st=15] SOCKET_POOL_BOUND_TO_SOCKET
--> source_dependency = 6029 (SOCKET)
t=11896 [st=15] -SOCKET_POOL
--> net_error = -202 (ERR_CERT_AUTHORITY_INVALID)
t=11896 [st=15] HTTP_STREAM_JOB_BOUND_TO_REQUEST
--> source_dependency = 6024 (URL_REQUEST)
t=11896 [st=15] -HTTP_STREAM_JOB
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With