Important: Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

QWebEngineView - handshake failed; returned -1, SSL error code 1, net_error -205



  • Windows 7 32bit
    Based on Qt 5.13.1 (MSVC 2017, 32 bit)
    Qt Creator 4.10.1
    The Qt 5.13 version is using SSL lib build: "OpenSSL 1.1.1b 26 Feb 2019" and
    SSL lib version: "OpenSSL 1.1.1d 10 Sep 2019"

    The QWebEngineView loads a local HTML page.
    The user clicks a button the page.
    The button transfers from the local page to an HTTPS page.
    The HTTPS page loads about 40% in release config) and to 70%(debug config) verified by loadProgress then hangs for a number of seconds seconds.
    Then the handshake error occurs and is displayed.

    When the Qt app is built in "release" mode there are 2 errors

    [2384:1456:0219/112603.780:ERROR:ssl_client_socket_impl.cc(962)] handshake failed; returned -1, SSL error code 1, net_error -205
    [2384:1456:0219/112603.780:ERROR:ssl_client_socket_impl.cc(962)] handshake failed; returned -1, SSL error code 1, net_error -205
    

    When the Qt app is built in "debug" mode the above errors display followed by

    js: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
    [3604:2600:0219/114659.321:INFO:CONSOLE(101)] "Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.", source: https://-----.------.com/payments/split/dojo/dojo.js;jsessionid=8CE2A0D2A32AAB0357316BC1B6E6AA66 (101)
    [3604:2600:0219/114659.321:INFO:CONSOLE(101)] "Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.", source: https://-----.------.com/payments/split/dojo/dojo.js;jsessionid=8CE2A0D2A32AAB0357316BC1B6E6AA66 (101)
    

    The "-----.-----" is just to obfuscate the HTTPS URL

    Thoughts?

    Should I call the payment clearing company?

    Is this a known Qt bug or the responsibility of the URL owner providing the payment clearing service?

    Is the "handshake" issue "SSL related" or it it due to a bad certificate in the Qt QWebEngine/Chomium stuff in the 5.13 version, or a certificate on the payment clearing URL?



  • Is this possibly related?

    libnssckbi.so is not in the 5.13 directory structure.

    
    https://github.com/clearlinux/distribution/issues/1843
    
    In Qt 5.13  /DevTools/Qt/5.13.2/Src/qtwebengine/src/3rdparty/chromium/crypto/nss_util.cc 
    
      // Load nss's built-in root certs.
      SECMODModule* InitDefaultRootCerts() {
        SECMODModule* root = LoadModule("Root Certs", "libnssckbi.so", nullptr);
        if (root)
          return root;
    
        // Aw, snap.  Can't find/load root cert shared library.
        // This will make it hard to talk to anybody via https.
        // TODO(mattm): Re-add the NOTREACHED here when crbug.com/310972 is fixed.
        return nullptr;
      }
    
    


  • Qt version 5.14.2 has the same issue



  • Reverted to 5.12.2

    Everything is now working again. Not sure what the issue is/was.


Log in to reply