Best IT Recipes

Com.android.volley.NoConnectionError: javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake is canceled:

I use the Volley library in Android in my application, and when I try to execute POST requests to our server, I get the following error:

com.android.volley.NoConnectionError: javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x6821edb0: Failure in SSL library, usually a protocol error error:1407743E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert inappropriate fallback (external/openssl/ssl/s23_clnt.c:744 0x5f4c0c46:0x00000000)

Our server is signed with the following SSL certificate:

 i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Organization Validation Secure Server CA 1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Organization Validation Secure Server CA i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority 2 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root

The certificate is described by openssl as follows:

 New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA

I checked the Cipher ciphers for Android and said that it is enabled by default.

I tried the following solution for this problem, but none of them solved:

HTTPS support for the Volley Android network library - does not work (also does not work for me, since it is not protected)

How to disable SSLv3 in android for HttpsUrlConnection? - I tried this, the error is still happening

The Android Api used in the project is Android 5.1 (API 22). The version of the Volley library is 1.0.15 (it has also been tested with the latest version 1.0.18, but the problem still arises).

Another solution I tried is to use okhttp integrated with Volley, but the problem still arises.

Any working solution would be greatly appreciated.

Thank you in advance!

UPDATE

By the way, I managed to get supported ciphers from the server:

 Supported cipher suites (ORDER IS NOT SIGNIFICANT): SSLv3 RSA_WITH_RC4_128_MD5 RSA_WITH_RC4_128_SHA RSA_WITH_IDEA_CBC_SHA RSA_WITH_3DES_EDE_CBC_SHA DHE_RSA_WITH_3DES_EDE_CBC_SHA RSA_WITH_AES_128_CBC_SHA DHE_RSA_WITH_AES_128_CBC_SHA RSA_WITH_AES_256_CBC_SHA DHE_RSA_WITH_AES_256_CBC_SHA RSA_WITH_CAMELLIA_128_CBC_SHA DHE_RSA_WITH_CAMELLIA_128_CBC_SHA RSA_WITH_CAMELLIA_256_CBC_SHA DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS_RSA_WITH_SEED_CBC_SHA TLS_DHE_RSA_WITH_SEED_CBC_SHA (TLSv1.0: idem) (TLSv1.1: idem) TLSv1.2 RSA_WITH_RC4_128_MD5 RSA_WITH_RC4_128_SHA RSA_WITH_IDEA_CBC_SHA RSA_WITH_3DES_EDE_CBC_SHA DHE_RSA_WITH_3DES_EDE_CBC_SHA RSA_WITH_AES_128_CBC_SHA DHE_RSA_WITH_AES_128_CBC_SHA RSA_WITH_AES_256_CBC_SHA DHE_RSA_WITH_AES_256_CBC_SHA RSA_WITH_AES_128_CBC_SHA256 RSA_WITH_AES_256_CBC_SHA256 RSA_WITH_CAMELLIA_128_CBC_SHA DHE_RSA_WITH_CAMELLIA_128_CBC_SHA DHE_RSA_WITH_AES_128_CBC_SHA256 DHE_RSA_WITH_AES_256_CBC_SHA256 RSA_WITH_CAMELLIA_256_CBC_SHA DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS_RSA_WITH_SEED_CBC_SHA TLS_DHE_RSA_WITH_SEED_CBC_SHA TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

From what I read, there shouldn't be any problems with these ciphers on the LVL 22 API.

+5
android ssl android-volley
Aug 24 '15 at 14:26
source share
1 answer

I found the problem after several hours of searching on the Internet and the project code: Inside the project, I have a class called JsonToPOJORequest<T> , which extends the Volley JsonRequest<T> class. This is the class that actually makes the request for each method on the server. Having analyzed the code a bit, I found the method call inside the constructor as follows:

 setRetryPolicy(new DefaultRetryPolicy(3*DefaultRetryPolicy.DEFAULT_TIMEOUT_MS, 0, 0));

where DefaultRetryPolicy.DEFAULT_TIMEOUT_MS set as 2500 ms.

Since the POST request had a lot of data, it takes longer to send the request and receive a response from the server.

It seems that Volley did not wait enough for the answer to come up and select a TimeoutError. Thus, the request was made, everything works well on the server, but the client (Android) does not wait for the server and receives an error message.

The solution was to set the Timeout parameter higher or 0, for example:

 setRetryPolicy(new DefaultRetryPolicy(5*DefaultRetryPolicy.DEFAULT_TIMEOUT_MS, 0, 0)); setRetryPolicy(new DefaultRetryPolicy(0, 0, 0));

Two remaining questions:

1) Why does it take so long to request? → 3 * 2500 = 7500 ms - quite a lot of time (more than 7 seconds) to make a request. And this is not a server problem, since it works fine on iOS.

2) Why does VolleyError look like this?

 com.android.volley.NoConnectionError: javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted:

Must be a TimeoutError, not a NoConnectionError.

You can find more information about this error here, I also brought out a solution: Android Volley dual mail on slow request

https://groups.google.com/forum/#!topic/volley-users/8PE9dBbD6iA

+16
Sep 02 '15 at 14:24
source share


More articles:


All Articles