All geek questions in one place

Javax.net.ssl.SSLHandshakeException: Connection closed by peer at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake (native method)

up to 24 api level, my code works fine, but it gives me an error at 24 api level (7.0 nougat). I do not understand what is happening with my code.

The first approach is here:

<?xml version="1.0" encoding="utf-8"?> <network-security-config> <base-config> <trust-anchors> <certificates src="system"/> <certificates src="user"/> </trust-anchors> </base-config> <domain-config> <domain includeSubdomains="true">xyz.com</domain> <trust-anchors> <certificates src="@raw/my_ca"/> </trust-anchors> </domain-config> </network-security-config>

Inside the manifest file:

android:network Security Config = "@xml/network_security_config" I have included network_security_config inside res/xml/network_security_config and ca certificate inside res/raw/my_ca.pem

The second approach is here:

  import org.apache.http.client.HttpClient; import org.apache.http.conn.ClientConnectionManager; import org.apache.http.conn.scheme.Scheme; import org.apache.http.conn.scheme.SchemeRegistry; import org.apache.http.conn.ssl.SSLSocketFactory; import org.apache.http.impl.client.DefaultHttpClient; import java.io.IOException; import java.net.Socket; import java.net.UnknownHostException; import java.security.KeyManagementException; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.UnrecoverableKeyException; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; public class ExSSLSocketFactory extends SSLSocketFactory { SSLContext sslContext = SSLContext.getInstance("TLS"); public ExSSLSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException,KeyStoreException, UnrecoverableKeyException { super(truststore); TrustManager x509TrustManager = new X509TrustManager() { public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return null; } }; sslContext.init(null, new TrustManager[] { x509TrustManager }, null); } public ExSSLSocketFactory(SSLContext context) throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException { super(null); sslContext = context; } @Override public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException { return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose); } @Override public Socket createSocket() throws IOException { return sslContext.getSocketFactory().createSocket(); } public static HttpClient getHttpsClient(HttpClient client) { try{ X509TrustManager x509TrustManager = new X509TrustManager() { @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public X509Certificate[] getAcceptedIssuers() { return null; } }; SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, new TrustManager[]{x509TrustManager}, null); SSLSocketFactory sslSocketFactory = new ExSSLSocketFactory(sslContext); sslSocketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); ClientConnectionManager clientConnectionManager = client.getConnectionManager(); SchemeRegistry schemeRegistry = clientConnectionManager.getSchemeRegistry(); schemeRegistry.register(new Scheme("https", sslSocketFactory, 443)); return new DefaultHttpClient(clientConnectionManager, client.getParams()); } catch (Exception ex) { return null; } } }

When creating an http connection:

 public String CallWebService(String url, String soapAction, String envelope){ final HttpClient httpClient = ExSSLSocketFactory.getHttpsClient(new DefaultHttpClient()); HttpParams params = httpClient.getParams(); HttpConnectionParams.setConnectionTimeout(params, 150000); HttpConnectionParams.setSoTimeout(params, 150000); HttpProtocolParams.setUseExpectContinue(httpClient.getParams(), true); HttpPost httppost = new HttpPost(url); httppost.setHeader("soapaction", soapAction); httppost.setHeader("Content-Type", "text/xml; charset=utf-8"); String responseString = ""; try { HttpEntity entity = new StringEntity(envelope); httppost.setEntity(entity); ResponseHandler<String> rh = new ResponseHandler<String>() { public String handleResponse(HttpResponse response) throws ClientProtocolException, IOException { HttpEntity entity = response.getEntity(); StringBuffer out = new StringBuffer(); byte[] b = EntityUtils.toByteArray(entity); out.append(new String(b, 0, b.length)); return out.toString(); } }; responseString = httpClient.execute(httppost, rh); Log.d("Response is here....", "responseString : " + responseString); } catch (Exception e) { e.printStackTrace(); } // close the connection httpClient.getConnectionManager().shutdown(); return responseString; }

However, I get an error message:

javax.net.ssl.SSLHandshakeException: connection closed by peer 01-24 10: 28: 03.182 32251-474 / com.neosoft.meconnect W / System.err: at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake (native method ) 01-24 10: 28: 03.182 32251-474 / com.neosoft.meconnect W / System.err:
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake (OpenSSLSocketImpl.javahaps57) 01-24 10: 28: 03.182 32251-474 / com.neosoft.meconnect W / System.err:
at com.android.okhttp.Connection.connectTls (Connection.java:235) 01-24 10: 28: 03.182 32251-474 / com.neosoft.meconnect W / System.err: at com.android.okhttp.Connection.connectSocket (Connection.java:199) 01-24 10: 28: 03.182 32251-474 / com.neosoft.meconnect W / System.err: at com.android.okhttp.Connection.connect (Connection.java:172) 01-24 10: 28: 03.182 32251-474 / com.neosoft.meconnect W / System.err: at com.android.okhttp.Connection.connectAndSetOwner (Connection.javahaps67) 01-24 10: 28: 03.182 32251-474 / com .neosoft.meconnect W / System.err:
at com.android.okhttp.OkHttpClient $ 1.connectAndSetOwner (OkHttpClient.java:130) 01-24 10: 28: 03.182 32251-474 / com.neosoft.meconnect W / System.err:
in com.android.okhttp.internal.http.HttpEngine.connect (HttpEngine.java:329) 01-24 10: 28: 03.182 32251-474 / com.neosoft.meconnect W / System.err:
in com.android.okhttp.internal.http.HttpEngine.sendRequest (HttpEngine.java:246) 01-24 10: 28: 03.183 32251-474 / com.neosoft.meconnect W / System.err:
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute (HttpURLConnectionImpl.java:457) 01-24 10: 28: 03.183 32251-474 / com.neosoft.meconnect W / System.err:
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect (HttpURLConnectionImpl.java:126) 01-24 10: 28: 03.183 32251-474 / com.neosoft.meconnect W / System.err:
at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.connect (DelegatingHttpsURLConnection.java:89) 01-24 10: 28: 03.184 32251-474 / com.neosoft.meconnect W / System.err:
at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.connect (HttpsURLConnectionImpl.java) 01-24 10: 28: 03.184 32251-474 / com.neosoft.meconnect W / System.err:
at org.ksoap2.transport.ServiceConnectionSE.connect (ServiceConnectionSE.java:46) 01-24 10: 28: 03.184 32251-474 / com.neosoft.meconnect W / System.err:
at org.ksoap2.transport.HttpTransportSE.call (HttpTransportSE.java:68) 01-24 10: 28: 03.184 32251-474 / com.neosoft.meconnect W / System.err:
at srd.gshelp.GSSoapConWSDL.javaHit (GSSoapConWSDL.java:180) 01-24 10: 28: 03.184 32251-474 / com.neosoft.meconnect W / System.err: at srd.gshelp.GSSoapConWSDL.access $ 0 (GSSoapLC java: 144) 01-24 10: 28: 03.185 32251-474 / com.neosoft.meconnect W / System.err: at srd.gshelp.GSSoapConWSDL $ TaskAsync.doInBackground (GSSoapConWSDL.java:215) 01-24 10: 28 : 03.185 32251-474 / com.neosoft.meconnect W / System.err:
at srd.gshelp.GSSoapConWSDL $ TaskAsync.doInBackground (GSSoapConWSDL.java:1) 01-24 10: 28: 03.185 32251-474 / com.neosoft.meconnect W / System.err:
at android.os.AsyncTask $ 2.call (AsyncTask.java:304) 01-24 10: 28: 03.185 32251-474 / com.neosoft.meconnect W / System.err: at java.util.concurrent.FutureTask.run ( FutureTask.java:237) 01-24 10: 28: 03.186 32251-474 / com.neosoft.meconnect W / System.err: at java.util.concurrent.ThreadPoolExecutor.runWorker (ThreadPoolExecutor.java:1133) 01-24 10 : 28: 03.186 32251-474 / com.neosoft.meconnect W / System.err:
in java.util.concurrent.ThreadPoolExecutor $ Worker.run (ThreadPoolExecutor.java:607) 01-24 10: 28: 03.186 32251-474 / com.neosoft.meconnect W / System.err:
at java.lang.Thread.run (Thread.java:761) 01-24 10: 28: 03.187 32251-474 / com.neosoft.meconnect W / System.err: Suppressed: javax.net.ssl.SSLHandshakeException: connection closed peer

Kindly help. Thanks at Advance.

+12
source share
3 answers

Make sure that the TLS-enabled server.

+3
source

Did you use the Okhttp library? This is a very good library for network calls. You can also handle this exception.

I had a similar problem and I handled this:

 public static OkHttpClient getHttpClientForFile() { ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS) .tlsVersions(TlsVersion.TLS_1_0) .cipherSuites( CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA, CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA) .build(); return new OkHttpClient.Builder() .connectTimeout(2, TimeUnit.MINUTES) .writeTimeout(2, TimeUnit.MINUTES) .readTimeout(3, TimeUnit.MINUTES) .connectionSpecs(Collections.singletonList(spec)) .protocols(Arrays.asList(Protocol.HTTP_1_1)) .build(); }

I don’t know if this is good or not, but it works for me.

The class that you used SSLSocketFactory may cause an error after publishing the application in the play store or in the play store, may give you a warning about changing your code.

You can find the Okhttp library from https://github.com/square/okhttp .

+1
source

I ran into the same problem, same javax.net.ssl.SSLHandshakeException during an API call.

but in my case the problem was that my device was connected to wifi but the wifi fi not router had internet connections and then an exception was exception

0
source

Source: https://habr.com/ru/post/1014358/

More articles:


All Articles