I always get "SSL Handshake Failed" in Android phone, same code working in iOS and OSx desktop



  • With some support I've succesfully built QT 5.3.1 for Android and deployed an app in my smartphone using it: https://qt-project.org/forums/viewthread/44762/, but now the problem is that when accessing an https site I always get “SSL Handshake failed”; I get the error only in Android, not iOS or OSx desktop, having the same code which is someting like that:

       ...
        QSslConfiguration ssl = QSslConfiguration::defaultConfiguration();
        ssl.setProtocol(QSsl::AnyProtocol);
        QNetworkAccessManager *managerWl;
        QUrl myUrl = QUrl(pUrl) ;
        qDebug() << myUrl ;
        QNetworkRequest request;
        request.setUrl(myUrl);
        request.setSslConfiguration(ssl);
        QNetworkReply *netReply = managerWl->get(request);
        QEventLoop loop;
        connect(netReply, SIGNAL(finished()), &loop, SLOT(quit()));
        loop.exec&#40;&#41;;
    
        if (netReply->error() == QNetworkReply::NoError) {
           ....
        }
        ....
    

  • Lifetime Qt Champion

    Hi,

    Which version of OpenSSL are you using ?



  • It is openssl-1.0.1h

    I tried curl to download the page and it was telling:
    TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

    So I tought it was good to use:
    ssl.setProtocol(QSsl::TlsV1_2);
    And I did also try this, which was suggested by many people:
    ssl.setProtocol(QSsl::AnyProtocol);

    I've also tryed downloading the certificates chain with Firefox and putting it inside my deployed app, but no way:

    QUrl myUrl = QUrl(pUrl) ;
        qDebug() << myUrl ;
        QNetworkRequest request;
    #ifdef Q_OS_ANDROID
        QSslConfiguration ssl = QSslConfiguration::defaultConfiguration();
    
        QSslCertificate *sslCert = new QSslCertificate();
        QList<QSslCertificate> sslCertList = sslCert->fromPath("assets:/certs/*", QSsl::Pem,QRegExp::Wildcard);
    
        ssl.setCaCertificates(sslCertList);
        ssl.setProtocol(QSsl::SslV3);
        request.setSslConfiguration(ssl);
    
        QList<QSslCertificate> sslCertListBis = request.sslConfiguration().caCertificates() ;
        for (QSslCertificate cert: sslCertListBis) {
            qDebug() << "toText: " << cert.toText();
        }
    
    #endif
    

    But finally after hours of searching and trying in a post I found someone else having my same problem that solved like these:
    ssl.setProtocol(QSsl::SslV3);

    And it worked for me too, so it's ok. But I can't understand why


  • Lifetime Qt Champion

    OpenSSL on your device that is not the same ?


Log in to reply
 

Looks like your connection to Qt Forum was lost, please wait while we try to reconnect.