Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Get Qt Extensions
  • Unsolved
Collapse
Brand Logo
  1. Home
  2. Qt Development
  3. Installation and Deployment
  4. Does Qt 5.15 support OpenSSL 3.x?
Forum Updated to NodeBB v4.3 + New Features

Does Qt 5.15 support OpenSSL 3.x?

Scheduled Pinned Locked Moved Solved Installation and Deployment
27 Posts 11 Posters 10.3k Views 5 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • T Offline
    T Offline
    Taytoo
    wrote on last edited by
    #5

    Is there a way to request support for OpenSSL 3 in Qt 5.15? The support for 5.15 LTS lasts till May 2025, whereas OpenSSL 1.1.1 support will end in Nov 2023. Afterwards a critical part of any modern software will be vulnerable to exploitation since users of 5.15 won't be able to use OpenSSL 3?

    jsulmJ 1 Reply Last reply
    0
    • T Taytoo

      Is there a way to request support for OpenSSL 3 in Qt 5.15? The support for 5.15 LTS lasts till May 2025, whereas OpenSSL 1.1.1 support will end in Nov 2023. Afterwards a critical part of any modern software will be vulnerable to exploitation since users of 5.15 won't be able to use OpenSSL 3?

      jsulmJ Offline
      jsulmJ Offline
      jsulm
      Lifetime Qt Champion
      wrote on last edited by
      #6

      @Taytoo said in Does Qt 5.15 support OpenSSL 3.x?:

      Is there a way to request

      https://bugreports.qt.io/secure/Dashboard.jspa

      https://forum.qt.io/topic/113070/qt-code-of-conduct

      1 Reply Last reply
      0
      • T Offline
        T Offline
        Taytoo
        wrote on last edited by
        #7

        Contacted support, they are working on porting changes from Qt6 to 5 and while it may not be officially supported, we will be able to compile the framework using openssl 3.x.

        J 1 Reply Last reply
        0
        • T Taytoo

          Contacted support, they are working on porting changes from Qt6 to 5 and while it may not be officially supported, we will be able to compile the framework using openssl 3.x.

          J Offline
          J Offline
          julianoes
          wrote on last edited by
          #8

          @Taytoo did you ever get a resolution on this topic?

          And to get the fixes, did you have to rebuild Qt yourself? If so, do you have any links how that's done?

          I created a bug report regarding Qt 5.15 on platforms like Ubuntu 22.04 which don't ship with openssl v1 but I couldn't quite get a straight answer: https://bugreports.qt.io/browse/QTBUG-115146

          SGaistS 1 Reply Last reply
          0
          • J julianoes

            @Taytoo did you ever get a resolution on this topic?

            And to get the fixes, did you have to rebuild Qt yourself? If so, do you have any links how that's done?

            I created a bug report regarding Qt 5.15 on platforms like Ubuntu 22.04 which don't ship with openssl v1 but I couldn't quite get a straight answer: https://bugreports.qt.io/browse/QTBUG-115146

            SGaistS Offline
            SGaistS Offline
            SGaist
            Lifetime Qt Champion
            wrote on last edited by
            #9

            @julianoes hi,

            If the support has been backported, then you have to get the corresponding (or later) sources and build Qt yourself. Depending on the distribution you use, its own Qt version may already be patched to support OpenSSL v3.

            Interested in AI ? www.idiap.ch
            Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

            J 1 Reply Last reply
            0
            • Q Offline
              Q Offline
              QuantumTransistor
              wrote on last edited by
              #10

              I tried compiling the open-source Qt 5.15.10 with OpenSSL 3.1.1 in Windows 11 (VS 2022) using:

              -openssl-runtime OPENSSL_INCDIR="C:\Path\Tp\OpenSSL\3.1.1\include"
              

              in the configure call. Compiling Qt worked fine, but at run time, QSslSocket::sslLibraryBuildVersionString() returns

              Qt OpenSSL build version: "OpenSSL 3.1.1 30 May 2023"
              [2023-07-18 8:34:19.625][W][qt.network.ssl] `anonymous-namespace'::qsslSocketCannotResolveSymbolWarning():132 - QSslSocket: cannot resolve EVP_PKEY_base_id
              [2023-07-18 8:34:19.625][W][qt.network.ssl] `anonymous-namespace'::qsslSocketCannotResolveSymbolWarning():132 - QSslSocket: cannot resolve SSL_get_peer_certificate
              

              I'm still not sure if OpenSSL 3.x is fundamentally incompatible with Qt 5.15.x, or if other changes are needed.

              (Note, I followed the same compiling and linking steps which work with Qt 5.15.x and OpenSSL 1.1.1).

              T 1 Reply Last reply
              0
              • Q QuantumTransistor

                I tried compiling the open-source Qt 5.15.10 with OpenSSL 3.1.1 in Windows 11 (VS 2022) using:

                -openssl-runtime OPENSSL_INCDIR="C:\Path\Tp\OpenSSL\3.1.1\include"
                

                in the configure call. Compiling Qt worked fine, but at run time, QSslSocket::sslLibraryBuildVersionString() returns

                Qt OpenSSL build version: "OpenSSL 3.1.1 30 May 2023"
                [2023-07-18 8:34:19.625][W][qt.network.ssl] `anonymous-namespace'::qsslSocketCannotResolveSymbolWarning():132 - QSslSocket: cannot resolve EVP_PKEY_base_id
                [2023-07-18 8:34:19.625][W][qt.network.ssl] `anonymous-namespace'::qsslSocketCannotResolveSymbolWarning():132 - QSslSocket: cannot resolve SSL_get_peer_certificate
                

                I'm still not sure if OpenSSL 3.x is fundamentally incompatible with Qt 5.15.x, or if other changes are needed.

                (Note, I followed the same compiling and linking steps which work with Qt 5.15.x and OpenSSL 1.1.1).

                T Offline
                T Offline
                Taytoo
                wrote on last edited by
                #11

                @QuantumTransistor I link with openssl statically and also use vcpkg to manage external libraries - makes it really easy to update libraries in few simple commands.

                Anyway, you need to specify path to library and header files e.g. part of my configure command:

                -openssl-linked OPENSSL_LIBS="-llibssl -llibcrypto -lws2_32 -lAdvapi32 -lCrypt32 -lUser32" -I C:\Dev\vcpkg\installed\x86-windows-static\include -I C:\Dev\vcpkg\installed\x86-windows-static\include\openssl -L C:\Dev\vcpkg\installed\x86-windows-static\lib
                
                1 Reply Last reply
                0
                • SGaistS SGaist

                  @julianoes hi,

                  If the support has been backported, then you have to get the corresponding (or later) sources and build Qt yourself. Depending on the distribution you use, its own Qt version may already be patched to support OpenSSL v3.

                  J Offline
                  J Offline
                  julianoes
                  wrote on last edited by
                  #12

                  @SGaist said in Does Qt 5.15 support OpenSSL 3.x?:

                  Depending on the distribution you use, its own Qt version may already be patched to support OpenSSL v3.

                  That's an interesting comment. Thanks @SGaist. So far, we always downloaded Qt using the installer and used that to build. Depending on the OS (ubuntu 22.04) one tended to be tricky and the wrong version but I might give that a try.

                  It's a shame that Qt doesn't make a patch release to fixup something security related like that.

                  JKSHJ 1 Reply Last reply
                  0
                  • J julianoes

                    @SGaist said in Does Qt 5.15 support OpenSSL 3.x?:

                    Depending on the distribution you use, its own Qt version may already be patched to support OpenSSL v3.

                    That's an interesting comment. Thanks @SGaist. So far, we always downloaded Qt using the installer and used that to build. Depending on the OS (ubuntu 22.04) one tended to be tricky and the wrong version but I might give that a try.

                    It's a shame that Qt doesn't make a patch release to fixup something security related like that.

                    JKSHJ Offline
                    JKSHJ Offline
                    JKSH
                    Moderators
                    wrote on last edited by
                    #13

                    @julianoes said in Does Qt 5.15 support OpenSSL 3.x?:

                    It's a shame that Qt doesn't make a patch release to fixup something security related like that.

                    Qt 5.15 has reached end-of-life (see https://www.qt.io/blog/qt-5.15-support-ends ). When security is important, use an actively-maintained version. Qt 6.5 uses OpenSSL 3 by default.

                    Qt Doc Search for browsers: forum.qt.io/topic/35616/web-browser-extension-for-improved-doc-searches

                    1 Reply Last reply
                    0
                    • Q Offline
                      Q Offline
                      QuantumTransistor
                      wrote on last edited by
                      #14

                      Thanks @Taytoo, I'll give static linking a try. Which version of Qt are you using? This bug report gives a patch for using 5.15.9 with OpenSSL 3. I'm using 5.15.10 (the latest available open-source), and not sure if a similar patch is still needed.

                      1 Reply Last reply
                      0
                      • Q Offline
                        Q Offline
                        QuantumTransistor
                        wrote on last edited by
                        #15

                        Following the suggestion from @Taytoo, I got Qt5.15.10 and OpenSSL 3.1.1 to work correctly for my application.

                        OpenSSL configure settings were:

                        -openssl-linked OPENSSL_INCDIR="C:\Path\To\OpenSSL\3.1.1\include" OPENSSL_LIBDIR="C:\Path\To\OpenSSL\3.1.1\lib\VC\static" OPENSSL_LIBS="-lWs2_32 -lGdi32 -lAdvapi32 -lCrypt32 -lUser32" OPENSSL_LIBS_DEBUG="-llibssl64MDd -llibcrypto64MDd" OPENSSL_LIBS_RELEASE="-llibssl64MD -llibcrypto64MD"
                        

                        Still a bit puzzled why -openssl-runtime doesn't work, but I'll keep trying now that I know the codes are compatible.

                        T 1 Reply Last reply
                        1
                        • Q QuantumTransistor

                          Following the suggestion from @Taytoo, I got Qt5.15.10 and OpenSSL 3.1.1 to work correctly for my application.

                          OpenSSL configure settings were:

                          -openssl-linked OPENSSL_INCDIR="C:\Path\To\OpenSSL\3.1.1\include" OPENSSL_LIBDIR="C:\Path\To\OpenSSL\3.1.1\lib\VC\static" OPENSSL_LIBS="-lWs2_32 -lGdi32 -lAdvapi32 -lCrypt32 -lUser32" OPENSSL_LIBS_DEBUG="-llibssl64MDd -llibcrypto64MDd" OPENSSL_LIBS_RELEASE="-llibssl64MD -llibcrypto64MD"
                          

                          Still a bit puzzled why -openssl-runtime doesn't work, but I'll keep trying now that I know the codes are compatible.

                          T Offline
                          T Offline
                          Taytoo
                          wrote on last edited by
                          #16

                          @QuantumTransistor I've never linked with openssl dynamically, so can't really help with that. Try changing Lib path to point towards .so/.dll files instead and see if that works.

                          1 Reply Last reply
                          0
                          • S Offline
                            S Offline
                            seyed
                            wrote on last edited by
                            #17

                            I used OpenSSL 3 to build Qt 5.15.10 successfully, but at runtime, I faced problems:

                            qt.network.ssl: QSslSocket: cannot resolve EVP_PKEY_base_id
                            qt.network.ssl: QSslSocket: cannot resolve SSL_get_peer_certificate
                            Build version: "OpenSSL 3.1.1 30 May 2023"
                            Run version: "OpenSSL 3.1.1 30 May 2023"
                            Supports SSL: true
                            

                            Finally, porting changes from Qt 6 to 5 results in a successful build and run. 🎉
                            Read my gist for steps

                            1 Reply Last reply
                            1
                            • Q Offline
                              Q Offline
                              QuantumTransistor
                              wrote on last edited by QuantumTransistor
                              #18

                              @seyed - I used the patch from your gist and was able to successfully build and use Qt 5.15.10 with OpenSSL 3.1.2 using -openssl-runtime. Thanks!! 🎉

                              ocgltdO 1 Reply Last reply
                              1
                              • Q QuantumTransistor

                                @seyed - I used the patch from your gist and was able to successfully build and use Qt 5.15.10 with OpenSSL 3.1.2 using -openssl-runtime. Thanks!! 🎉

                                ocgltdO Offline
                                ocgltdO Offline
                                ocgltd
                                wrote on last edited by ocgltd
                                #19

                                I hope to avoid rebuilding Qt + patches. Will Qt release a 5.15.x update that will allow compilation against openssl 3 ?

                                SGaistS Q 2 Replies Last reply
                                0
                                • ocgltdO ocgltd

                                  I hope to avoid rebuilding Qt + patches. Will Qt release a 5.15.x update that will allow compilation against openssl 3 ?

                                  SGaistS Offline
                                  SGaistS Offline
                                  SGaist
                                  Lifetime Qt Champion
                                  wrote on last edited by
                                  #20

                                  @ocgltd if memory serves well, the 5.15 LTS has support for OpenSSL 3 so it should eventually come to be.

                                  You might want to check the KDE patch set for Qt.

                                  Interested in AI ? www.idiap.ch
                                  Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

                                  1 Reply Last reply
                                  0
                                  • ocgltdO ocgltd

                                    I hope to avoid rebuilding Qt + patches. Will Qt release a 5.15.x update that will allow compilation against openssl 3 ?

                                    Q Offline
                                    Q Offline
                                    QuantumTransistor
                                    wrote on last edited by
                                    #21

                                    @ocgltd according to a comment on this bug report, OpenSSL 3 is supported with Qt 5.15.13 onwards. If you are using the open-source version, this should be available 9 March 2024 (one year after the commercial release date).

                                    piervalliP 1 Reply Last reply
                                    0
                                    • Q QuantumTransistor

                                      @ocgltd according to a comment on this bug report, OpenSSL 3 is supported with Qt 5.15.13 onwards. If you are using the open-source version, this should be available 9 March 2024 (one year after the commercial release date).

                                      piervalliP Offline
                                      piervalliP Offline
                                      piervalli
                                      wrote on last edited by piervalli
                                      #22

                                      @QuantumTransistor
                                      Openssl works with 5.15.13 (open source) but we need to compiare with c++17

                                      SGaistS 1 Reply Last reply
                                      0
                                      • piervalliP piervalli

                                        @QuantumTransistor
                                        Openssl works with 5.15.13 (open source) but we need to compiare with c++17

                                        SGaistS Offline
                                        SGaistS Offline
                                        SGaist
                                        Lifetime Qt Champion
                                        wrote on last edited by
                                        #23

                                        @piervalli what issue do you have with C++17 ?
                                        Qt 5 requires C++11 and OpenSSL is C.

                                        Interested in AI ? www.idiap.ch
                                        Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

                                        piervalliP 1 Reply Last reply
                                        0
                                        • SGaistS SGaist

                                          @piervalli what issue do you have with C++17 ?
                                          Qt 5 requires C++11 and OpenSSL is C.

                                          piervalliP Offline
                                          piervalliP Offline
                                          piervalli
                                          wrote on last edited by
                                          #24

                                          @SGaist
                                          The issue is with Qt 5.15.13 and build by source I haved setted c++17 for that error.
                                          text\qlocale_win.cpp:498:60: error: 'size' is not a member of 'std'

                                          I used Mingw 8.1

                                          JonBJ 1 Reply Last reply
                                          0

                                          • Login

                                          • Login or register to search.
                                          • First post
                                            Last post
                                          0
                                          • Categories
                                          • Recent
                                          • Tags
                                          • Popular
                                          • Users
                                          • Groups
                                          • Search
                                          • Get Qt Extensions
                                          • Unsolved