Qt & SSL, Handshake failed
Solution 1
You could ignore certificate verify using QSslConfiguration::setPeerVerifyMode():
QSslConfiguration conf = request.sslConfiguration();
conf.setPeerVerifyMode(QSslSocket::VerifyNone);
request.setSslConfiguration(conf);
Solution 2
I was facing the same issue on Mac with Qt 5.5 and 5.6. When I upgraded to 5.7 it is solved. Hope it may help if you are still facing this issue.
Related videos on Youtube
inspector
Updated on June 17, 2022Comments
-
inspector almost 2 years
I have a problem. I've made a Qt application which is connecting to a https site. On my working machine, everything works fine. When I try to test my application on a clean Windows 7 machine, I observed the following issue:
After I have installed a fresh Win7 machine (installed all updates), after starting my application, I get a SSL Handshake failed error, SIGNAL(sslErrors(QNetworkReply*,QList)) is emitted with two empty error strings and error = QSslError::NoError. I was really searching the whole day why this happens, also could reproduce it with examples\network\securesocketclient\release\securesocketclient and domain "google.com".
Now, I found out, that once I have started the internet explorer accessing https://www.google.com, my application is also working as expected and no further handshake errors are coming.
BTW, it does not matter which site you are accessing - this is not related to google.com.
Can someone explain to me why this happens? Is it a bug in OpenSSL, or Qt, or both?
UPDATE
I found a way to live with that issue for myself, implementing the following ignore logic:
QSslError ignoreNOErrors(QSslError::NoError); foreach(QSslError error, errors) if(error.error() != QSslError::NoError) qDebug() << error.errorString(); QList<QSslError> expectedSslErrors; expectedSslErrors.append(ignoreNOErrors); reply->ignoreSslErrors(expectedSslErrors);
Thanks
-
inspector about 10 yearsOk, seems nobody has a good idea. How about adding a root certificate, like the one from GeoTrust (geotrust.com/resources/root-certificates) into the socket's CA certificate database using qt-project.org/doc/qt-4.8/qsslsocket.html#addCaCertificate ? At least, it sounds like an reasonable workaround. Any thought?
-
-
Jeff Pal about 6 yearswhat happen? I get this problem when I try to connect to a remote address but it works fine to localhost.
-
developer01 over 2 yearsAny idea if the issue still persists in 5.9.4?
-
developer01 over 2 yearsCan't you just do
sslSocket->setPeerVerifyMode(QSslSocket::VerifyNone)
without getting the ssl configuration?