On Thu, Nov 22, 2018 at 7:54 PM Mårten Nordheim <[email protected]> wrote:
> Does it work if you call setProtocol(QSsl::TlsV1_2) on the client > socket/configuration before connecting? No, same error. I'm not 100% the problem is strictly the client because if I run $> openssl s_client -connect 127.0.0.1:7777 -tls1_2 I get the following: CONNECTED(00000005) write:errno=0 --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 0 bytes and written 206 bytes Verification: OK --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : 0000 Session-ID: Session-ID-ctx: Master-Key: PSK identity: None PSK identity hint: None SRP username: None Start Time: 1542911999 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no --- While at the server side debug output I read: QAbstractSocket::ConnectedState QAbstractSocket::SocketError(13) : Encrypting the connection failed QAbstractSocket::UnconnectedState The PSK emission you see sounds like OpenSSL 1.1.1 with TLS 1.3, but I > don't think it should fail the handshake, or at least don't remember > seeing it do that. > Indeed, the loaded library is openssl v1.1.1 from /usr/lib/x86_64-linux-gnu/libssl.so.1.1 Setting TLS 1.2 also emits preSharedKeyAuthenticationRequired, though.
_______________________________________________ Interest mailing list [email protected] https://lists.qt-project.org/listinfo/interest
