diff --git a/src/plugins/tls/securetransport/qtls_st.cpp b/src/plugins/tls/securetransport/qtls_st.cpp index 48b7f3364f8..ff431dabd17 100644 --- a/src/plugins/tls/securetransport/qtls_st.cpp +++ b/src/plugins/tls/securetransport/qtls_st.cpp @@ -817,17 +817,32 @@ bool TlsCryptographSecureTransport::setSessionCertificate(QString &errorDescript const void *values[2] = { password }; CFIndex nKeys = 1; #ifdef Q_OS_MACOS - bool envOk = false; - const int env = qEnvironmentVariableIntValue("QT_SSL_USE_TEMPORARY_KEYCHAIN", &envOk); - if (envOk && env) { - static const EphemeralSecKeychain temporaryKeychain; - if (temporaryKeychain.keychain) { - nKeys = 2; - keys[1] = kSecImportExportKeychain; - values[1] = temporaryKeychain.keychain; +#if QT_MACOS_IOS_PLATFORM_SDK_EQUAL_OR_ABOVE(150000, 180000) + // Starting from macOS 15 our temporary keychain is ignored. + // We have to use kSecImportToMemoryOnly/kCFBooleanTrue key/value + // instead. This key is "memory" but looks like Security framework + // does not compare strings, but pointers instead, so we need an actual + // key/constant. + if (__builtin_available(macOS 15, *)) { + nKeys = 2; + keys[1] = kSecImportToMemoryOnly; + values[1] = kCFBooleanTrue; + } else { +#else + { +#endif + bool envOk = false; + const int env = qEnvironmentVariableIntValue("QT_SSL_USE_TEMPORARY_KEYCHAIN", &envOk); + if (envOk && env) { + static const EphemeralSecKeychain temporaryKeychain; + if (temporaryKeychain.keychain) { + nKeys = 2; + keys[1] = kSecImportExportKeychain; + values[1] = temporaryKeychain.keychain; + } } } -#endif +#endif // Q_OS_MACOS QCFType options = CFDictionaryCreate(nullptr, keys, values, nKeys, nullptr, nullptr); QCFType items;