Check for blacklisting in case the application has blacklisted
a cert before windows has (currently unlikely as the blacklist is
hardcoded in Qt)
Don't need to check for time validity because that's already checked
by the windows API.
Change-Id: I34da5c4a8a0f8851b9b7668fc421a93c360c8588
Reviewed-by: Richard J. Moore <rich@kde.org>
void QSslSocketBackendPrivate::_q_caRootLoaded(QSslCertificate cert, QSslCertificate trustedRoot)
{
Q_Q(QSslSocket);
- if (trustedRoot.isValid()) {
+ if (!trustedRoot.isNull() && !trustedRoot.isBlacklisted()) {
if (s_loadRootCertsOnDemand) {
//Add the new root cert to default cert list for use by future sockets
QSslSocket::addDefaultCaCertificate(trustedRoot);