@Allerknappe should your question better suited for AWS support team? or cloud forum? It seems not related to Qt itself.
Anyway, from little experience with a (non Qt) REST server running in AWS, in that case the server was configured with "internal" IP and then the AWS security team forwarded the proper port(s) so the solution could be available from outside.
@ganeshkbhat Allowing to load and run 3rd C++ inside your main applications's process is very dangerous and we have not found any easy way to sandbox C++ so far, only just have a few ideas worth trying. I've described this issue here in a little more detail.
Then it also depends also on what tools fits best your needs. There's no silver bullet that will cover everything you need.
Also limiting yourself to only one language is not a good idea in the long run. There are good and bad things in every language thus knowing more than one allows to have a better grasp at what can be done, how easy/hard the maintenance would be etc.
The handshake is the process that establishes the secure connection, in Qt QSslSocket::connectToHostEncrypted and QSslSocket::startServerEncryption take care of the handshake. The "Hello Word" sent across is just normal TCP communication that could be done even without encryption (i.e. using QTcpSocket)