the SSL/TLS handshake failed and the encrypted channel could not be established. The sslErrors() signal should have been emitted.

In my experience in using Qt, I find it would be hard to make a business app without the help of Qt experts. In other words, you need to buy their commercial license in order to get their support, and you definitely need their support in the course of developing a business app. Of course, you do not need any help if you write a program with some buttons on the window to click and pop up a “Hello world” dialog. You will find Qt is easy to use and keep using it until you develop an app that sells.

If you use QNetworkAccessManager to fetch a https url, you may fail with the SslHandshakeFailedError error “the SSL/TLS handshake failed and the encrypted channel could not be established. The sslErrors() signal should have been emitted.”¬† You can connect a slot to the error(QNetworkReply::NetworkError) signal of QNetworkReply to catch this error. The error code is QNetworkReply::NetworkError(6). This error is obviously related to SSL. Qt uses openssl to do the SSL stuff. But that error has nothing to do with the opensll lib(ssleay32.dll/libeay32.dll). The error seems related to the version compatibility of SSL such as the client uses SSLV2 but the website only supports SSLV3 and later versions. But the fact is the same program can connect to the https site successfully on Windows 10 but fails to connect the same website on Windows8 or Windows 7. If you connect a slot to the sslErrors(QList<QSslError>) signal of QNetworkReply to catch the SSL error, you will find the error is QSslError::NoError so there’s no error actually. You can verify the SSL configuration and the certificate of the website is good by visiting the website in a browser. If you try to ignore the SSL error by connecting the sslErrors(QList<QSslError>) signal of QNetworkReply to its slot ignoreSslErrors(), you will find the problem persists. So how to fix this problem or Qt bug? You should take 2 steps in order to fix this¬†SslHandshakeFailedError .

First, you set the peer verify mode to None for the request:

QSslConfiguration conf = request.sslConfiguration();
conf.setPeerVerifyMode(QSslSocket::VerifyNone);
request.setSslConfiguration(conf);

Even you do not require to verify the certificate of the server, the SSL error(QSslError::NoError) still occurs. So,

The next step is to ignore the error by connecting the QNetworkReply’s sslErrors(QList<QSslError>) signal to its ignoreSslErrors() slot.

Note that both steps are needed.

Reference: https://stackoverflow.com/questions/21636728/qt-ssl-handshake-failed

Posted in

Leave a Reply