QSslCertificate Class
The QSslCertificate class provides a convenient API for an X509 certificate. More...
| Header: | #include <QSslCertificate> |
| qmake: | QT += network |
| Since: | Qt 4.3 |
This class was introduced in Qt 4.3.
Note: All functions in this class are reentrant.
Public Types
| enum class | PatternSyntax { RegularExpression, Wildcard, FixedString } |
| enum | SubjectInfo { Organization, CommonName, LocalityName, OrganizationalUnitName, CountryName, …, EmailAddress } |
Detailed Description
QSslCertificate stores an X509 certificate, and is commonly used to verify the identity and store information about the local host, a remotely connected peer, or a trusted third party Certificate Authority.
There are many ways to construct a QSslCertificate. The most common way is to call QSslSocket::peerCertificate(), which returns a QSslCertificate object, or QSslSocket::peerCertificateChain(), which returns a list of them. You can also load certificates from a DER (binary) or PEM (Base64) encoded bundle, typically stored as one or more local files, or in a Qt Resource.
You can call isNull() to check if your certificate is null. By default, QSslCertificate constructs a null certificate. A null certificate is invalid, but an invalid certificate is not necessarily null. If you want to reset all contents in a certificate, call clear().
After loading a certificate, you can find information about the certificate, its subject, and its issuer, by calling one of the many accessor functions, including version(), serialNumber(), issuerInfo() and subjectInfo(). You can call effectiveDate() and expiryDate() to check when the certificate starts being effective and when it expires. The publicKey() function returns the certificate subject's public key as a QSslKey. You can call issuerInfo() or subjectInfo() to get detailed information about the certificate issuer and its subject.
Internally, QSslCertificate is stored as an X509 structure. You can access this handle by calling handle(), but the results are likely to not be portable.
See also QSslSocket, QSslKey, QSslCipher, and QSslError.
Member Type Documentation
enum class QSslCertificate::PatternSyntax
The syntax used to interpret the meaning of the pattern.
| Constant | Value | Description |
|---|---|---|
QSslCertificate::PatternSyntax::RegularExpression | 0 | A rich Perl-like pattern matching syntax. |
QSslCertificate::PatternSyntax::Wildcard | 1 | This provides a simple pattern matching syntax similar to that used by shells (command interpreters) for "file globbing". See QRegularExpression Wildcard Matching. |
QSslCertificate::PatternSyntax::FixedString | 2 | The pattern is a fixed string. This is equivalent to using the RegularExpression pattern on a string in which all metacharacters are escaped using escape(). This is the default. |
This enum was introduced or modified in Qt 5.15.
enum QSslCertificate::SubjectInfo
Describes keys that you can pass to QSslCertificate::issuerInfo() or QSslCertificate::subjectInfo() to get information about the certificate issuer or subject.
| Constant | Value | Description |
|---|---|---|
QSslCertificate::Organization | 0 | "O" The name of the organization. |
QSslCertificate::CommonName | 1 | "CN" The common name; most often this is used to store the host name. |
QSslCertificate::LocalityName | 2 | "L" The locality. |
QSslCertificate::OrganizationalUnitName | 3 | "OU" The organizational unit name. |
QSslCertificate::CountryName | 4 | "C" The country. |
QSslCertificate::StateOrProvinceName | 5 | "ST" The state or province. |
QSslCertificate::DistinguishedNameQualifier | 6 | The distinguished name qualifier |
QSslCertificate::SerialNumber | 7 | The certificate's serial number |
QSslCertificate::EmailAddress | 8 | The email address associated with the certificate |