QSslSocket::startServerEncryption fails with "PEM_READ_BIO_PRIVATEKEY:bad password read"

Question

I've created an SSL server using the sample code from the Qt documentation. I then connect to it using QSslSocket::connectToHostEncrypted.

The server fails, however, and this is in QSslSocket::errorString()

Cannot provide a certificate with no key, 
error:0907B068:PEM routines:PEM_READ_BIO_PRIVATEKEY:bad password read

I set the certificate and private keys with this code:

serverSocket->setLocalCertificate("/home/user/Workspace/openssl/cacert.pem");
serverSocket->setPrivateKey("/home/user/Workspace/openssl/privkey.pem");

I created the cacert.pem and privkey.pem using this command on Ubuntu:

openssl req -x509 -newkey rsa:2048 -out cacert.pem -outform PEM -days 1825

score 1 · Answer 1 · answered Jan 06 '13 at 18:37

The error was because I didn't specify the password for the private key (the one that openssl asked me for during the certificate creation). So instead of

serverSocket->setPrivateKey("/home/user/Workspace/openssl/privkey.pem");

I now call

serverSocket->setPrivateKey("/home/user/Workspace/openssl/privkey.pem", QSsl::Rsa, QSsl::Pem, "mypassword");

and this fixes the problem.

QSslSocket::startServerEncryption fails with "PEM_READ_BIO_PRIVATEKEY:bad password read"

1 Answers1