Bug 29413

It's still broken with Qt 4.6.0 + OpenSSL 0.9.8l on Windows.

It also happens at the Yahoo! sign-in link at http://m.www.yahoo.com/ which loads https://login.yahoo.com/

Might this simply have to do with the "protocol" used? I am having a similar problem with an SSL server of a customer. Using Qt 4.5.2 with Windows. A simple QNetworkReply reply = QNetworkAccessManager.get(... URL with https ...) And in the finished() slot: reply.error() == 6 (= SSL handshake failed) No SSL error was raised before. However setting the used protocol to QSsl::TlsV1 it works: QSslConfiguration ssl = QSslConfiguration::defaultConfiguration(); ssl.setProtocol(QSsl::AnyProtocol); QSslConfiguration::setDefaultConfiguration(ssl); This also works with the server in the first comment. If this is the reason this might be just a missing error message of Qt or OpenSSL.

Confirmed in trunk

I can confirm it with the WebKit trunk but only on Windows, on Linux it works fine. Each time when I connect via https protocol, page with message "Error creating SSL context ()" is displayed.

(In reply to comment #5) > I can confirm it with the WebKit trunk but only on Windows, on Linux it works > fine. > > Each time when I connect via https protocol, page with message "Error creating > SSL context ()" is displayed. Do you have the OpenSSL dlls installed?

(In reply to comment #6) > Do you have the OpenSSL dlls installed? Oops. After the installation I see "SSL handshake failed" message. I have checked a few pages; https://www.skandiabanken.no => SSL handshake failed https://secure.inteligo.com.pl/ => page loads but it is completely busted https://poczta.onet.pl/login.html => works (as a mobile/light version) https://gmail.com => SSL handshake failed, but connecting via http and then secure login is possible.

(In reply to comment #2) > It also happens at the Yahoo! sign-in link at http://m.www.yahoo.com/ which > loads https://login.yahoo.com/ Same problem on Windows, go on http://my.yahoo.com , click Sign in, I get either an handshake failed, or a connection closed message. (In reply to comment #7) > I have checked a few pages; > https://www.skandiabanken.no => SSL handshake failed > https://secure.inteligo.com.pl/ => page loads but it is completely busted > https://poczta.onet.pl/login.html => works (as a mobile/light version) > https://gmail.com => SSL handshake failed, but connecting via http and then > secure login is possible. These websites work for me on Windows. To have HTTPS support on Windows if you compiled your own Qt, you have to configure Qt with -openssl and make sure OpenSSL's INCLUDE and LIB environment variables are set accordingly.

Reproduced on Snow Leopard with Qt 4.7 trunk (HEAD 03f8f1df0d88f5ffe0b3120cffce614cbeefdb70) and WebKit trunk (r59155).

Also reproduced on Windows CE 5 & 6.

I am planning to work on this issue, unless someone has already started.

(In reply to comment #10) > Also reproduced on Windows CE 5 & 6. This was another Qt bug, now fixed.

I think this is issue with QtWebkit 2.1 Bug 43824

(In reply to comment #13) I mean to say, issue still exists with QtWebkit 2.1 also

Is this issue with Qt? http://bugreports.qt.nokia.com/browse/QTBUG-13033

(In reply to comment #15) > Is this issue with Qt? > > http://bugreports.qt.nokia.com/browse/QTBUG-13033 The original bug report was for Windows, which makes it unrelated to QTBUG-13033 (which results in a freeze due to Symbian specific code).

Is this issue currently reproducible (last comment is from August)? If so on which sites? It /could/ be the result of Qt missing some of the workarounds a browser generally does for the client (see http://www.imperialviolet.org/binary/draft-agl-tls-op-practices-00.html for details) but may not be. If a list of sites is determined then checking which connection options are causing the issue would be possible without too much work.

(In reply to comment #17) > Is this issue currently reproducible (last comment is from August)? If so on which sites? > It /could/ be the result of Qt missing some of the workarounds a browser generally does for the client (see http://www.imperialviolet.org/binary/draft-agl-tls-op-practices-00.html for details) but may not be. If a list of sites is determined then checking which connection options are causing the issue would be possible without too much work. Tried on latest webkit trunk running in linux with Qt 4.7 and the reported secured sites are opening up properly.

Tried to launch https://gmail.com and I am facing "SSL handshake failed" error.

(In reply to comment #19) > Tried to launch https://gmail.com and I am facing "SSL handshake failed" error. Try https://mail.google.com. I think this could be because of SNI handling in qt ssl proxy.

Quoting Peter : "Did you connect to https://skandiabanken.no? The certificate is issued for www.skandiabanken.no, so you need to connect to https://www.skandiabanken.no, then it works. Similar problem with https://gmail.com : The certificate is issued for mail.google.com, so entering https://mail.google.com works. It works for 4.8 because we use a feature called Server Name Indication; btw. browsing to https://gmail.com fails for several older versions of browsers, e.g. it fails with any IE on Windows XP. So no bug in Qt, just the usual certificate stuff. In general, it is just a bad idea to enter https:// addresses manually unless you know the exact host name contained in the certificate. " The demo browser doesn't have a proper handling for certificates like FF or other do (well it's a demo :D). If I get no objections I'll be for closing the bug and with 4.8, the sky will be clearer.

Closing.