Based on https://talk.maemo.org/showthread.php?t=101156 thread by n9erator, I managed to repeat his steps (with little newer OpenSSL, 1.0.2u) and get TLS 1.2 support in (probably most of) Qt apps, mainly built-in browsers. TLS 1.2 sites work and report no certificate issues.

You can download my package here:

http://wunderwungiel.pl/MeeGo/files/...or%20N9.tar.gz

Keep in mind it replaces system packages, so be brave
I tested built-in browser, Warehouse and Helium Reborn, they all support TLS 1.2 with my package.

And enjoy

So evtl. it will we possible to make fahrplan app an N9 working ?
https://github.com/poetaster/fahrplan
this a fork for sailfishos
from
https://github.com/smurfy/fahrplan

If the initial problem was TLS 1.2/1.3 lack, you can try just running it. It's Qt, so most likely it uses the library I compiled.

I am so ....

I had an old version...
Updated to 2.0.31 last version its working !!! :

With TLS 1.2 or without? Great to hear!!!

Sorry for the late reply...

without your new packages.
Fahrplan doesn't work !!

i tested on my other N9....

Holy Moly it works!

This is so awesome, I can express how grateful I am for your work. I just wish I could take a time machine and bring it back to 2018, so that less developers jump ship from the N9 in the meantime.

Most sites work in the browser now. Fahrplan works with German DB backend, Marble can download tiles, Warehouse offered some updates, I can listen to web radio with Internet Radio Player, Quickddit works again and mail synchronization is more reliable.

Oh how happy I am I still carry my N9 with me when i take my backpack in case my main phones battery runs out and for some specific tasks (Stargazing, Reading, ...)

Can i somehow send you a thanks? Paypal donation, a small gift shipped to you or something like that?

Edit
Also worth mentioning: All those pesky free wifi portal sites work again!

Wow! I'm glad it works! That's really nice, I actually haven't expected so many things to start working, only knew about browser, Warehouse and Helium Really good news

Regarding donations, you can do it with PayPal (dredlok84@gmail.com), just with some adequate title, cause it's my dad account ).

And really, really thanks for kind words Really nice from you.
And again, I'm really happy that it fixes so many things.

I just can't believe. Quickddit? Marble? Web radio? That's just incredible.

Donation is on its way, you earned it

It would be great, when you find the time, if you could document the steps in enough details that others can build on it. How you solved the certificate problem, which hurdles you jumped when compiling the newer versions and so on.

In the future this may allow others to transfer your work to the maemo OS (although that may soon be moot, when Leste matures), for TLS 1.3 when TLS 1.2 becomes obsolete, which should still take many years or even for other libraries I do not have on my radar which may break compatibility in the near future.

For now I am just so happy I can use my N9 again for looking up the next bus or browsing the web. No modern phone can be as easily operated with one hand, which became even more crucial with my newborn son

I got your donation! Thank you so much!

I will try to explain the steps I have done. Basically, you need the Scratchbox SDK for cross-compiling N9 software - the easiest way for me was to use Halftux's VM: https://talk.maemo.org/showthread.php?t=95806
I used VirtualBox to run it (you could use VMware or maybe QEMU after converting the vhd file). Then some things to change language to English:

And I also set up sudo. Then, for easiest and most comfortable work, setup port forwarding of port 22 in VirtualBox (i.e. 8080 -> 22), so you can ssh / scp on localhost:8080 for most comfortable modern terminal of your choice.

Inside Scratchbox's terminal, you need sources of many packages. Basically, latest source is here:
http://maemo.cloud-7.de/HARM/N9/1.3/cdrom.iso
Mirror: http://wunderwungiel.pl/MeeGo/cdrom.iso

Extract the ISO and get sources of related packages. The list I used:

libsignoncrypto-qt
libsasl2
cryptsetup
aegis-crypto
aegis-certman
libaccounts-glib
qt4-x11

These are source packages. If the archive in source ISO contains both many folders and debian folder, just extract it. If there are two archives: orig and diff, extract orig first, cd to orig folder, and execute:

This will apply the diff files.

You need OpenSSL source, in this case 1.0.2u, extract it, and build normally. I used:

It will install new OpenSSL into Scratchbox's /usr/local. To make sure the latest one is used, cd to /usr/lib/pkgconfig, and rename the openssl *.pc files to *.bak files, so configure scripts don't find the original OpenSSL.

You can also grab OpenSSL files in /usr/local and make a DEB package from it with dpkg-deb.

Now you can build everything. For most packages, just execute:

in source directory (debian folder and many different files/folders). Exceptions:

- aegis-certman: in etc/certs/common-ca remove all certs and add Mozilla ones, in PEM (text) format. I also applied certman_main.cpp patch manually (patch utility refused to work). [B]I don't know if the patch was needed, but - it worked with it, so I left it like this.
- qt4-x11: edit src/network/ssl/qsslsocket_openssl_symbols.cpp, go to line 336, and remove:

So the line is:

If you used different OpenSSL prefix, change it here.

When you compiled everything, remove all *dev*, *dbg*, *doc*, and *test* files and grab only following packages (my list, many may be unnecessary):

libsignoncrypto-qt
libsasl2-modules
libsasl2
libqt4-network
libcryptsetup0
libaegis-crypto1
libaegis-certman0
libaccounts-glib0
libaccounts-glib-tools
cryptsetup
aegis-crypto-tools
aegis-certman-tools

Installing in device

Funny parts come here. To make new certs working, you need to execute c_rehash from OpenSSL (I added the command to my postinst). But, perl is not available on N9, as it break depends.

Two options:

- change the control files of either perl or mp-harmattan-xxx* (I don't remember which is problematic), or just extract perl deb and get binaries and correct folders
- rebuild perl to custom location

I used option two, I was lucky cause I had ready perl from previous things done for N9 (my WunderN9 repo), so I just changed shebang in /usr/local/bin/c_rehash to /my/prefix/bin/perl. That's why I include my Perl in the package.

So, make your perl available, install your OpenSSL (you can already add c_rehash to postinst, my OpenSSL postinst:

Then you could make again (idk if needed), and install all the DEBs from list you got from scratchbox. reboot (might be not needed), and enjoy TLS 1.2