Open qgib opened 8 years ago
Author Name: Giovanni Manghi (@gioman)
Author Name: Giovanni Manghi (@gioman)
Author Name: Jürgen Fischer (@jef-n)
Author Name: Giovanni Manghi (@gioman)
Author Name: Larry Shaffer (Larry Shaffer)
Author Name: Larry Shaffer (Larry Shaffer)
Author Name: Larry Shaffer (Larry Shaffer)
Author Name: Larry Shaffer (Larry Shaffer)
Regarding the qgis-trusted-cas-cached.png attachment. The left part of the image shows the default trusted root CAs for a fresh install of Windows 10, plus the "AddTrust External CA Root" certificate that was added automatically by the Win OS via its hosted Trusted Root Certificate program.
Author Name: Luigi Pirelli (@luipir)
during dev I found a possible bug reported in #23610
Author Name: Luigi Pirelli (@luipir)
I didn't find any solution to #23610 => the only way to reload ssl CA cache without waiting some minutes for the update is to re-start qgis!
Author Name: Luigi Pirelli (@luipir)
I'll prepare a PR from the following branch:
https://github.com/boundlessgeo/qgis/tree/CAs_import_via_keystore
the fix is applicable only on Windows. No CA problems found on linux and mac.
Author Name: Luigi Pirelli (@luipir)
just waiting to have a UX review before to create the PR
Author Name: Luigi Pirelli (@luipir)
a screencast to show hos the interface works https://youtu.be/pN30XE7r7_k
Author Name: Luigi Pirelli (@luipir)
created two PR
for 2.14: https://github.com/qgis/QGIS/pull/3640 for 2.18: https://github.com/qgis/QGIS/pull/3671
Author Name: Luigi Pirelli (@luipir)
fix only for 2.14 and release-2_18 because probably the issue is not present in qgis3 due the different ssl infrastructure offered by qt5
Author Name: Giovanni Manghi (@gioman)
Author Name: Luigi Pirelli (@luipir) Original Redmine Issue: 15617
Redmine category:authentication_system Assignee: Larry Shaffer
The following steps demonstrate that QGIS/Qt is not able to trigger auto-importing of trusted root CAs by the Windows OS. Since OpenSSL is used and not the appropriate Win Crypto API calls
To verify, the procedure is:
This shows the following issues that need addressed:
Proposed solutions: