Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Native Development Knowledge Base

Qt enables SSL session sharing by default in next update

by BlackBerry Development Advisor on ‎04-03-2013 09:54 AM (2,410 Views)

The next software update for BlackBerry® 10 will among others bring an updated version of Qt®. One feature that is enabled in the new Qt version is that SSL session sharing (session identifiers as described in RFC 5246) will be enabled by default: This saves a network roundtrip for SSL handshakes that can reuse a SSL session from a previously completed handshake, provided the server supports this feature.
 
All applications that use HTTP calls over SSL to a server that supports shared sessions will receive this performance benefit; since many Web services offer their API over SSL (e.g.  Facebook® and Twitter®), this change hopefully speeds up many apps.
 
Unfortunately, there are very few servers out there that claim to support SSL session sharing but turn out not to; in such a case, you can disable the feature explicitly with code similar to the one below:
 


QNetworkRequest request(url);
QSslConfiguration config = request.sslConfiguration();
config.setSslOption(QSsl::SslOptionDisableSessionTickets, true);
request.setSslConfiguration(config);
// then send the request as usual


 
You can find out whether the server you are connecting to advertises session sharing correctly with e.g. the openssl command line tool (just replace the server name in the commands below):
 


openssl s_client -connect www.qt-project.org:443 -sess_out session-qt
openssl s_client -connect www.qt-project.org:443 -sess_in session-qt
// works and resumes sessions
 
openssl s_client -connect www.blackberry.com:443 -sess_out session-bb
openssl s_client -connect www.blackberry.com:443 -sess_in session-bb
// works and does not resume sessions


 
If the second call to your server (the one with the "-sess_in" parameter) still works, the server is working correctly and there is nothing you need to do. If not, you probably want to turn off session sharing in your app with the code snippet presented earlier.

Users Online
Currently online: 4 members 823 guests
Please welcome our newest community members: