I call the API to log in, but I get an ssl handshake error in Android 7.0, except this version everything works fine. I am using a modification. Below is the error.
SSL confirmation completed: ssl = 0xcbcd0340: Error in the SSL library, usually a protocol error error: 1000043e: SSL routines: OPENSSL_internal: TLSV1_ALERT_INAPPROPRIATE_FALLBACK (external / boringssl / src / ssl / s3_pkt.c: 600 0x 040 0x 001 0ebx00
Also, as someone said, to add the following code so that this problem is resolved, but still no luck,
ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS) .tlsVersions(TlsVersion.TLS_1_2) .cipherSuites( CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256) .build(); okHttpClient.connectionSpecs(Collections.singletonList(spec));
I even tried to let every certificate trust, but still no luck. Below is the code.
public static OkHttpClient.Builder sslSocketFactory(OkHttpClient.Builder okHttpClient) { try { // Create a trust manager that does not validate certificate chains final TrustManager[] trustAllCerts = new TrustManager[]{ new X509TrustManager() { @Override public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException { } @Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { return new java.security.cert.X509Certificate[]{}; } } }; ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS) .tlsVersions(TlsVersion.TLS_1_0) .allEnabledCipherSuites() .build(); // Install the all-trusting trust manager final SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(null, trustAllCerts, new java.security.SecureRandom()); // Create an ssl socket factory with our all-trusting manager final javax.net.ssl.SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory(); //////// OkHttpClient.Builder builder = new OkHttpClient.Builder(); okHttpClient.sslSocketFactory(sslSocketFactory, (X509TrustManager) trustAllCerts[0]); okHttpClient.hostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { return true; } }); return okHttpClient; } catch (Exception e) { throw new RuntimeException(e); } }
Below are my ssllabs tests using android 7.0
ssllabs test In all other versions of Android, all APIs work fine, I get a response, but I canβt get a response in version 7.0.