I have a working QHttpserver with SSL configured using self-signed certificates. Due to numerous issues, standard signed certificates will not work. Since all users have smart cards and this is more of a peer-to-peer than truly server application, I'd like to use the smart cards on both ends for the authentication.

I've managed to pull the certificate from a smart card using pkcs11 libraries into a QSslCertificate. However, due to security restrictions on the card, I cannot pull the private key. With research, I've found that QSslkey has a type QSsl::Opaque specifically for handling cases like pkcs11 implementation. However, I cannot find any examples on how to do what I'm attempting, aside from one library that read the private key from the smart card, which I cannot seem to do. Once the connection is made, I'm good using standard encryption mechanisms, the card doesn't need to encrypt everything.

Does anyone have an example or can point me in the right direction or am I doing this all wrong?