Is this the right way to set the SSL protocol with QWebPage?

Question

I've been working with SSL in Qt, where I need to set a specific protocol (instead of the default "secure protocols"). It looks like this works:

QSslConfiguration config = QSslConfiguration::defaultConfiguration();
config.setProtocol(QSsl::TlsV1_0);
QSslConfiguration::setDefaultConfiguration(config);

But it makes me uncomfortable to set the protocol in a global way like this, instead of setting it on the QWebPage or QWebView or something. Am I missing something obvious or is this really the best way to do this? I know I can set it on an SSL socket, but I'm using QtWebKit, and don't have access to the individual sockets.

score 3 · Accepted Answer · answered Aug 29 '12 at 21:49

The way I've found to do this is to extend QNetworkAccessManager and set the protocol in createRequest:

class NetworkAccessManager : public QNetworkAccessManager
{
    Q_OBJECT
public:
    explicit NetworkAccessManager(QObject *parent = 0);

protected:
    virtual QNetworkReply * createRequest(Operation operation, const QNetworkRequest & request, QIODevice * outgoingData = 0) {
        // I have no idea why request is const, but I need to change it
        QNetworkRequest notConstRequest = request;
        QSslConfiguration conf = notConstRequest.sslConfiguration();
        conf.setProtocol(QSsl::TlsV1_0);
        notConstRequest.setSslConfiguration(conf);
        return QNetworkAccessManager::createRequest(operation, notConstRequest, outgoingData);
    }
};

Then I can set it in my QWebpage using setNetworkAccessManager.

Nice solution, and similar to http://stackoverflow.com/questions/11303904/how-to-set-qwebviews-socket-options, which also explains why my solution doesn't work for you. Glad you figured it out anyway! — jaypb, Aug 29 '12 at 22:28

score 2 · Answer 2 · answered Aug 28 '12 at 16:04

You may find this helpful: Https page works in Windows but not in Linux, he uses the same methodology (near the bottom of the page) as you do for setting the protocol.

I couldn't find a lot of resources, however the Qt docs for Nokia explicitly state that you can set the protocol on a QSslSocket object specifically. Relevant bit:

Note that changing settings in QSslConfiguration is not enough to change the settings in the related SSL connection. You must call setSslConfiguration on a modified QSslConfiguration object to achieve that. The following example illustrates how to change the protocol to TLSv1 in a QSslSocket object:

QSslConfiguration config = sslSocket.sslConfiguration();
config.setProtocol(QSsl::TlsV1);
sslSocket.setSslConfiguration(config);

So yes, the best way is probably to set it on a per-socket-object basis, however if that is not available your method also works. Nokia page: QSslConfiguration

Unfortunately, this is per-socket, and sockets are *way* below the level `QWebPage` has access to. — Brendan Long, Aug 29 '12 at 21:50

Is this the right way to set the SSL protocol with QWebPage?

2 Answers2

Linked