All geek questions in one place

SSL does not work on Android 2.2 (only in version 2.3)

I get this in LogCat when httpsURLConnection.getInputStream () is called

SSL communication establishment error: failure in the SSL library, usually protocol error error: 14094412: SSL procedures: SSL3_READ_BYTES: sslv3 alert bad certificate (external / openssl / ssl / s3_pkt.c: 1127 0x29eb40: 0x00000003)

I tested it on Andorid 2.3 and it works great.

My server requires client authentication! Perhaps FROYO does not support this handshake ... I do not know ...

I also tried using httpclient. Failure in every case ...

private void process() throws Exception {

    char[] pass = "clientpass".toCharArray();

    InputStream ksStream = getAssets().open("clientKeyStore.bks");
    KeyStore keyStore = KeyStore.getInstance("BKS");
    keyStore.load(ksStream, pass);
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(keyStore, pass);
    ksStream.close();

    X509TrustManager[] tm = new X509TrustManager[] { new X509TrustManager() {
        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        }

        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        }

        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    } };

    SSLContext context = SSLContext.getInstance("TLS");
    context.init(kmf.getKeyManagers(), tm, null);
    HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
    HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
        public boolean verify(String hostname, SSLSession session) {
            return true;
        }
    });

    URL url = new URL("https://192.168.2.101:8443/RestTomcat/resources/veiculos/KKK1234");
    HttpsURLConnection httpsURLConnection = (HttpsURLConnection) url.openConnection();
    BufferedReader br = new BufferedReader(new InputStreamReader(httpsURLConnection.getInputStream()));
    StringBuilder sb = new StringBuilder();
    String line = null;
    while ((line = br.readLine()) != null)
        sb.append(line + "\n");
    br.close();

    Log.e("OUTPUT", sb.toString());
    httpsURLConnection.disconnect();
}
+1
source share
2 answers

, , 2.2.

+2

, , Android 2.2, . .p12 cert , Android 2.2, , .

, SO. , Root CA Sub CA, 2.2 . Sub CA .

UPDATE: Android , 2.1/2.2.

0

Source: https://habr.com/ru/post/1755398/

More articles:


All Articles