Important: Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

Trouble with secure websockets



  • Hey,

    I working with websockets at the moment based on the Qt examples: http://doc.qt.io/qt-5/qtwebsockets-examples.html
    I want to use the secure websockets now (wss) but I have trouble with the webclient.

    http://doc.qt.io/qt-5/qtwebsockets-sslechoserver-sslechoclient-html.html
    if I try to connect to the server, I get the following error:

    ERROR: undefined
    DISCONNECTED
    
    

    The key and cert file are created with openssl, using this 3 commands:

    openssl genrsa -out key.pem 2048
    openssl req -new -key key.pem -out csr.pem
    openssl req -x509 -days 365 -key key.pem -in csr.pem -out certificate.pem
    

    So I have no idea why the webclient can't connect. Maybe some handshake error but no idea why. Normal connections (ws://) working, websocket secure (wss://) not.
    Also the Echo-Client can connect without any problems.

    I tested the html file with Edge, Firefox, IE, Chrome, all fail. The browsers should be not the problem, I did the test on http://www.websocket.org/echo.html - working very well.

    I hope someone has an idea, I really need a solution for that problem.



  • Push

    If I try to connect to the server with the webclient, I get the following message from the server every time:

    qt.network.ssl: QSslSocket: cannot call unresolved function SSL_get0_next_proto_negotiated
    

    Maybe that information helps.


  • Lifetime Qt Champion

    Hi and welcome to devnet,

    What OS are you running ?



  • Windows 10 Education X64 - Qt 5.5.1


  • Lifetime Qt Champion

    Do you have OpenSSL-Win64 installed on your computer ?



  • Yes, I installed OpenSSL from here OpenSSL
    I'm using Version 1.0.2f - after the installation I got no more warnings in console but still no way to connect with the webclient.


  • Lifetime Qt Champion

    Good, so next thing: did you add the path to the OpenSSL-Win64 dlls to the PATH environment variable in the run settings from the Project panel ? Warning: Don't do it system wide, that's wrong.



  • I didn't.
    But also it didn't fixed the error.

    The QT client can connect to the server with wss.
    The Webclient can't connect to the server with wss. But an echo test to "wss://echo.websocket.org" is successfully, so the browser is okay. The question is, what's the difference between Qt secure websocket and the other solutions? Is it may some different SSL/TSL config?
    I'm using QSsl::TlsV1SslV3