QSslCertificate¶

PyQt5.QtNetwork.QSslCertificate

Description¶

The QSslCertificate class provides a convenient API for an X509 certificate.

QSslCertificate stores an X509 certificate, and is commonly used to verify the identity and store information about the local host, a remotely connected peer, or a trusted third party Certificate Authority.

There are many ways to construct a QSslCertificate. The most common way is to call peerCertificate(), which returns a QSslCertificate object, or peerCertificateChain(), which returns a list of them. You can also load certificates from a DER (binary) or PEM (Base64) encoded bundle, typically stored as one or more local files, or in a Qt Resource.

You can call isNull() to check if your certificate is null. By default, QSslCertificate constructs a null certificate. A null certificate is invalid, but an invalid certificate is not necessarily null. If you want to reset all contents in a certificate, call clear().

After loading a certificate, you can find information about the certificate, its subject, and its issuer, by calling one of the many accessor functions, including version(), serialNumber(), issuerInfo() and subjectInfo(). You can call effectiveDate() and expiryDate() to check when the certificate starts being effective and when it expires. The publicKey() function returns the certificate subject’s public key as a QSslKey. You can call issuerInfo() or subjectInfo() to get detailed information about the certificate issuer and its subject.

Internally, QSslCertificate is stored as an X509 structure. You can access this handle by calling handle(), but the results are likely to not be portable.

Enums¶

SubjectInfo

Describes keys that you can pass to QSslCertificate::issuerInfo() or QSslCertificate::subjectInfo() to get information about the certificate issuer or subject.

Member	Value	Description
CommonName	1	“CN” The common name; most often this is used to store the host name.
CountryName	4	“C” The country.
DistinguishedNameQualifier	TODO	The distinguished name qualifier
EmailAddress	TODO	The email address associated with the certificate
LocalityName	2	“L” The locality.
Organization	0	“O” The name of the organization.
OrganizationalUnitName	3	“OU” The organizational unit name.
SerialNumber	TODO	The certificate’s serial number
StateOrProvinceName	5	“ST” The state or province.

Methods¶

__init__(QSslCertificate): Constructs an identical copy of other.

__init__(QIODevice, format: EncodingFormat = Pem): Constructs a QSslCertificate by reading format encoded data from device and using the first certificate found. You can later call isNull() to see if device contained a certificate, and if this certificate was loaded successfully.

__init__(data: Union[QByteArray, bytes, bytearray] = QByteArray(), format: EncodingFormat = Pem): Constructs a QSslCertificate by parsing the format encoded data and using the first available certificate found. You can later call isNull() to see if data contained a certificate, and if this certificate was loaded successfully.

clear(): Clears the contents of this certificate, making it a null certificate.

See also

isNull().

digest(algorithm: Algorithm = Md5) → QByteArray: Returns a cryptographic digest of this certificate. By default, an MD5 digest will be generated, but you can also specify a custom algorithm.

effectiveDate() → QDateTime: TODO

__eq__(QSslCertificate) → bool: TODO

expiryDate() → QDateTime: TODO

extensions() → List[QSslCertificateExtension]: TODO

@staticmethod fromData(Union[QByteArray, bytes, bytearray], format: EncodingFormat = Pem) → List[QSslCertificate]: Searches for and parses all certificates in data that are encoded in the specified format and returns them in a list of certificates.

See also

fromDevice().

@staticmethod fromDevice(QIODevice, format: EncodingFormat = Pem) → List[QSslCertificate]: Searches for and parses all certificates in device that are encoded in the specified format and returns them in a list of certificates.

See also

fromData().

@staticmethod fromPath(str, format: EncodingFormat = Pem, syntax: PatternSyntax = FixedString) → List[QSslCertificate]

Searches all files in the path for certificates encoded in the specified format and returns them in a list. path must be a file or a pattern matching one or more files, as specified by syntax.

Example:

# const auto certs = QSslCertificate::fromPath("C:/ssl/certificate.*.pem",
#                                              QSsl::Pem, QRegExp::Wildcard);
# for (const QSslCertificate &cert : certs) {
#     qDebug() << cert.issuerInfo(QSslCertificate::Organization);
# }