How to enable ssl support for Qt?

I use some RSA encrypt/decrypt functions in openssl lib so I installed the latest openssl lib 1.1.0 and imported the lib into my Qt project. I thought  my Qt was ssl enabled until I met this error when calling QNetworkAccessManager::get to fetch an https url:

qt.network.ssl: QSslSocket::connectToHostEncrypted: TLS initialization failed

The error is obviously related to SSL. First, I tried to ignore this error by connecting the sslErrors signal of QNetworkAccessManager to a slot onsslerrors and ignore the ssl errors in the slot:

void onsslerrors(QNetworkReply * reply, const QList<QSslError> & errors)
{
    reply->ignoreSslErrors();
}

But the problem persisted. I searched the Internet for an answer and got this post. I printed the result of QSslSocket::supportsSsl() in my program and found it was false, which meant QSslSocket did not support SSL yet. It’s a little weird because I had added openssl lib to my project and deployed the openssl dll to the application directory, and my code using the lib worked well. Why the imported openssl does not support QSslSocket? I also printed the version of openssl that Qt libs were built with:

QSslSocket::sslLibraryBuildVersionString()

and found my Qt was built using openssl 1.0.2b. That is the reason that causes the problem. Qt was built using an old openssl version while I added the latest version of openssl in the project. The dll names have changed between the two versions. The old openssl uses libeay32.dll,libssl32.dll, and ssleay32.dll, while the new version uses libcrypto-1_1.dll and libssl-1_1.dll. I think maybe QSslSocket loads  libeay32.dll and ssleay32.dll by their name dynamically so it cannot find the required dlls. The solution is simple: install an old version of openssl and copy libeay32.dll and ssleay32.dll in the same directory of the application. Note that do not put the dlls in the qt working directory, otherwise Qt still cannot find them. Also pay attention to the 32bit/64bit issue. If you are developing a 32 bit application, you should use the 32 bit openssl dlls. A minor difference between the openssl version Qt is dependent on and the openssl version you install does not matter. For example, you can install openssl 1.0.2c and that version can also enable the Qt built with 1.0.2b. What matters is the dll name must match.

 

Posted in

Leave a Reply