path: root/src/network/ssl/qsslcontext.cpp
diff options
authorRichard J. Moore <>2014-01-12 16:59:27 +0000
committerThe Qt Project <>2014-01-16 21:57:06 +0100
commit7c8131763de9e70ca56f16635716e7e00559b5d1 (patch)
tree4e0a6996ab23483645bf187808359270a73cadac /src/network/ssl/qsslcontext.cpp
parent3a2631391914e002769d0e3f6a934d241fa1d389 (diff)
Prevent spurious SSL errors from local certificates.
Qt since approximately 4.4 has set the verify callback on both the SSL store and the SSL context. Only the latter is actually needed. This is normally not a problem, but openssl prior to 1.0.2 uses the verify code to find the intermediate certificates for any local certificate that has been set which can lead to verification errors for the local certificate to be emitted. Task-number: QTBUG-33228 Task-number: QTBUG-7200 Task-number: QTBUG-24234 Change-Id: Ie4115e7f7faa1267ea9b807c01b1ed6604c4a16c Reviewed-by: Peter Hartmann <> Reviewed-by: Thiago Macieira <>
Diffstat (limited to 'src/network/ssl/qsslcontext.cpp')
1 files changed, 0 insertions, 3 deletions
diff --git a/src/network/ssl/qsslcontext.cpp b/src/network/ssl/qsslcontext.cpp
index 037ee8c672..adf42fb79a 100644
--- a/src/network/ssl/qsslcontext.cpp
+++ b/src/network/ssl/qsslcontext.cpp
@@ -189,9 +189,6 @@ init_context:
q_SSL_CTX_load_verify_locations(sslContext->ctx, 0,;
- // Register a custom callback to get all verification errors.
- X509_STORE_set_verify_cb_func(sslContext->ctx->cert_store, q_X509Callback);
if (!sslContext->sslConfiguration.localCertificate().isNull()) {
// Require a private key as well.
if (sslContext->sslConfiguration.privateKey().isNull()) {