Skip to content

Commit a353ad4

Browse files
laanwjlaanwj
committed
Merge pull request #5636
851296a [Qt] add option to allow self signed root certs (for testing) (Philip Kaufmann)
2 parents c29568a + 851296a commit a353ad4

File tree

2 files changed

+16
-1
lines changed

2 files changed

+16
-1
lines changed

src/qt/paymentrequestplus.cpp

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,8 @@
99

1010
#include "paymentrequestplus.h"
1111

12+
#include "util.h"
13+
1214
#include <stdexcept>
1315

1416
#include <openssl/x509.h>
@@ -150,7 +152,13 @@ bool PaymentRequestPlus::getMerchant(X509_STORE* certStore, QString& merchant) c
150152
int result = X509_verify_cert(store_ctx);
151153
if (result != 1) {
152154
int error = X509_STORE_CTX_get_error(store_ctx);
153-
throw SSLVerifyError(X509_verify_cert_error_string(error));
155+
// For testing payment requests, we allow self signed root certs!
156+
// This option is just shown in the UI options, if -help-debug is enabled.
157+
if (!(error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT && GetBoolArg("-allowselfsignedrootcertificates", false))) {
158+
throw SSLVerifyError(X509_verify_cert_error_string(error));
159+
} else {
160+
qDebug() << "PaymentRequestPlus::getMerchant: Allowing self signed root certificate, because -allowselfsignedrootcertificates is true.";
161+
}
154162
}
155163
X509_NAME *certname = X509_get_subject_name(signing_cert);
156164

src/qt/utilitydialog.cpp

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@
1212

1313
#include "clientversion.h"
1414
#include "init.h"
15+
#include "util.h"
1516

1617
#include <stdio.h>
1718

@@ -108,6 +109,12 @@ HelpMessageDialog::HelpMessageDialog(QWidget *parent, bool about) :
108109
cursor.movePosition(QTextCursor::NextRow);
109110
cursor.insertText(tr("UI options") + ":", bold);
110111
cursor.movePosition(QTextCursor::NextRow);
112+
if (GetBoolArg("-help-debug", false)) {
113+
cursor.insertText("-allowselfsignedrootcertificates");
114+
cursor.movePosition(QTextCursor::NextCell);
115+
cursor.insertText(tr("Allow self signed root certificates (default: 0)"));
116+
cursor.movePosition(QTextCursor::NextCell);
117+
}
111118
cursor.insertText("-choosedatadir");
112119
cursor.movePosition(QTextCursor::NextCell);
113120
cursor.insertText(tr("Choose data directory on startup (default: 0)"));

0 commit comments

Comments
 (0)