[求助]android 4.x 访问ca签名https报错error:14077410:SSL routines:SSL23_GET_SERVER_HELLO
小妹经过两天时间的google+百度,搜出来很多本应解决此问题的自定义SSLSocketFactory,然而在4.1-4.4的模拟器上始终报错
javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb7daa998: Failure in SSL library, usually a protocol error
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x9c42d7f1:0x00000000)
开始以为是因为okhttp或者okhttp3访问的问题,结果今天用HttpsURLConnection重新写了一遍,在20+没有任何问题,16+还是不报错,实在不知道什么原因高人求解,谢谢
访问源代码如下:
public static String httpGet(String httpUrl) {
BufferedReader input = null;
StringBuilder sb = null;
URL url = null;
HttpURLConnection con = null;
String cre = Credentials.basic(username,password);//此处为伪代码
Log.d("request","Credentials:"+cre);
// return response.request().newBuilder().header("Authorization",cre).build();
try {
url = new URL(httpUrl);
try {
// trustAllHosts();
HttpsURLConnection https = (HttpsURLConnection)url.openConnection();
https.addRequestProperty("Authorization",cre);
SSLSocketFactory sf = new MySSLSocketFactory();
https.setSSLSocketFactory(sf);
if (url.getProtocol().toLowerCase().equals("https")) {
https.setHostnameVerifier(DO_NOT_VERIFY);
con = https;
} else {
con = (HttpURLConnection)url.openConnection();
}
input = new BufferedReader(new InputStreamReader(con.getInputStream()));
sb = new StringBuilder();
String s;
while ((s = input.readLine()) != null) {
sb.append(s).append("\n");
}
} catch (IOException e) {
e.printStackTrace();
}
} catch (MalformedURLException e1) {
e1.printStackTrace();
} finally {
// close buffered
if (input != null) {
try {
input.close();
} catch (IOException e) {
e.printStackTrace();
}
}
// disconnecting releases the resources held by a connection so they may be closed or reused
if (con != null) {
con.disconnect();
}
}
return sb == null ? null : sb.toString();
}
使用的MySSLSocketFactory内容如下
public class MySSLSocketFactory extends SSLSocketFactory {
private SSLContext sc;
private SSLSocketFactory mSSLSocketFactory;
public MySSLSocketFactory() {
try {
sc = SSLContext.getInstance("TLSv1.2");
sc.init(null, null, null);
mSSLSocketFactory = sc.getSocketFactory();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
}
@Override
public String[] getDefaultCipherSuites() {
return mSSLSocketFactory.getDefaultCipherSuites();
}
@Override
public String[] getSupportedCipherSuites() {
return mSSLSocketFactory.getSupportedCipherSuites();
}
@Override
public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
return enableTLS(mSSLSocketFactory.createSocket(s, host, port, autoClose));
}
@Override
public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
return enableTLS(mSSLSocketFactory.createSocket(host, port));
}
@Override
public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnknownHostException {
return enableTLS(mSSLSocketFactory.createSocket(host, port, localHost, localPort));
}
@Override
public Socket createSocket(InetAddress host, int port) throws IOException {
return enableTLS(mSSLSocketFactory.createSocket(host, port));
}
@Override
public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
return enableTLS(mSSLSocketFactory.createSocket(address, port, localAddress, localPort));
}
private Socket enableTLS(Socket socket) {
if(socket != null && (socket instanceof SSLSocket)) {
String[] protocols = new String[] {
"TLSv1.2"
};
((SSLSocket) socket).setEnabledProtocols(protocols);
}
return socket;
}
}
编译器版本为api25不知是否与此有关