Is there a way to prevent javax.net.ssl.SSLHandshakeException in Unity because the server does not support SSLv3 to prevent a poodle attack?

Question

Is there a way to prevent javax.net.ssl.SSLHandshakeException in Unity because the server does not support SSLv3 to prevent a poodle attack?

Sometimes sometimes this www class in Unity returns an error like

javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x7a819eb0: Failure in SSL library, usually a protocol error
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x56aff990:0x00000000)

I assumed that the www class is using SSLv3, which server did not support this, so this error appeared.

Is there a way to configure the behavior of the www class to use TLSv1.1 / TLSv1.2? It is strange that this error only happens sometimes, not always. Sometimes I also received java.io.FileNotFoundException: <my_url>at the same time as the SSL error.

+4

ssl https unity3d

Paiboon panusbordee 18 sept. '15 at 11:57

source share

1 answer

swam92 · Answer 1 · 2015-10-05T17:59:38+0000

Sometimes the www class returns an error

'javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException'

http- , . , , , , , TLS 1.1/1.2. , , :

1) -Djavax.net.debug = all ( verbose logging, ), . SSL. , SSL.

2) openssl s_client -connect server.com:443 -ssl3, , ssl3. , , .

3) . SNI, SNI, . HTTP- (, SNI) , SNI .

.

Is there a way to prevent javax.net.ssl.SSLHandshakeException in Unity because the server does not support SSLv3 to prevent a poodle attack?

More articles: