Secure Sockets Layer (SSL) Classes

The classes below provide support for secure network communication using the Secure Sockets Layer (SSL) protocol, using the OpenSSL Toolkit (http://www.openssl.org/) to perform encryption and protocol handling.

From Qt version 5.2 onwards, the officially supported version for OpenSSL is 1.0.0 or later. Versions >= 0.9.7 and < 1.0.0 might work, but are not guaranteed to work.

QSsl

Declares enums common to all SSL classes in Qt Network

QSslCertificate

Convenient API for an X509 certificate

QSslCertificateExtension

API for accessing the extensions of an X509 certificate

QSslCipher

Represents an SSL cryptographic cipher

QSslConfiguration

Holds the configuration and state of an SSL connection

QSslEllipticCurve

Represents an elliptic curve for use by elliptic-curve cipher algorithms

QSslError

SSL error

QSslKey

Interface for private and public keys

QSslPreSharedKeyAuthenticator

Authentication data for pre shared keys (PSK) ciphersuites

QSslSocket

SSL encrypted socket for both clients and servers

Enabling and Disabling SSL Support

When building Qt from source, the configuration system checks for the presence of the openssl/opensslv.h header provided by source or developer packages of OpenSSL.

By default, an SSL-enabled Qt library dynamically loads any installed OpenSSL library at run-time. However, it is possible to link against the library at compile-time by configuring Qt with the -openssl-linked option.

When building a version of Qt linked against OpenSSL, the build system will attempt to link with libssl and libcrypt libraries located in the default location on the developer's system. This location is configurable: set the OPENSSL_LIBS environment variable to contain the linker options required to link Qt against the installed library. For example, on a Unix/Linux system:


  OPENSSL_LIBS='-L/opt/ssl/lib -lssl -lcrypto' ./configure -openssl-linked

To disable SSL support in a Qt build, configure Qt with the -no-openssl option.

Licensing Information

Note: Due to import and export restrictions in some parts of the world, we are unable to supply the OpenSSL Toolkit with Qt packages. Developers wishing to use SSL communication in their deployed applications should either ensure that their users have the appropriate libraries installed, or they should consult a suitably qualified legal professional to ensure that applications using code from the OpenSSL project are correctly certified for import and export in relevant regions of the world.

When the Qt Network module is built with SSL support, the library is linked against OpenSSL in a way that requires OpenSSL license compliance.