是否可以在Android N后端使用仅支持TLS 1.0的证书?
我有一个带有targetSdkVersion 23的应用程序,但在Android N(apiLevel 24)上启动时,所有与后端的连接都会引发异常:是否可以在Android N后端使用仅支持TLS 1.0的证书?,android,ssl,https,Android,Ssl,Https,我有一个带有targetSdkVersion 23的应用程序,但在Android N(apiLevel 24)上启动时,所有与后端的连接都会引发异常: javax.net.ssl.SSLHandshakeException: Handshake failed at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:429) at com.android.okhttp.Connecti
javax.net.ssl.SSLHandshakeException: Handshake failed
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:429)
at com.android.okhttp.Connection.connectTls(Connection.java:235)
at com.android.okhttp.Connection.connectSocket(Connection.java:199)
at com.android.okhttp.Connection.connect(Connection.java:172)
at com.android.okhttp.Connection.connectAndSetOwner(Connection.java:367)
at com.android.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:130)
at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:329)
at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:246)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:457)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:126)
at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.connect(DelegatingHttpsURLConnection.java:89)
at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java)`
<...>
Suppressed: javax.net.ssl.SSLHandshakeException: Handshake failed
... 23 more
Suppressed: javax.net.ssl.SSLHandshakeException: Handshake failed
... 23 more
Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x7ffeec27f540: Failure in SSL library, usually a protocol error
error:100000f3:SSL routines:OPENSSL_internal:WRONG_CURVE (external/boringssl/src/ssl/s3_clnt.c:1205 0x7ffee9cef70a:0x00000000)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:357)
... 22 more
Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x7ffeec27f540: Failure in SSL library, usually a protocol error
error:100000f3:SSL routines:OPENSSL_internal:WRONG_CURVE (external/boringssl/src/ssl/s3_clnt.c:1205 0x7ffee9cef70a:0x00000000)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:357)
... 22 more
Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x7ffeec27f540: Failure in SSL library, usually a protocol error
error:100000f3:SSL routines:OPENSSL_internal:WRONG_CURVE (external/boringssl/src/ssl/s3_clnt.c:1205 0x7ffee9cef70a:0x00000000)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:357)
... 22 more
javax.net.ssl.SSLHandshakeException:握手失败
访问com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:429)
位于com.android.okhttp.Connection.connectTls(Connection.java:235)
位于com.android.okhttp.Connection.connectSocket(Connection.java:199)
位于com.android.okhttp.Connection.connect(Connection.java:172)
在com.android.okhttp.Connection.connectAndSetOwner上(Connection.java:367)
位于com.android.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:130)
位于com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:329)
位于com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:246)
位于com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:457)
位于com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:126)
位于com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.connect(DelegatingHttpsURLConnection.java:89)
位于com.android.okhttp.internal.huc.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java)`
抑制:javax.net.ssl.SSLHandshakeException:握手失败
... 23多
抑制:javax.net.ssl.SSLHandshakeException:握手失败
... 23多
原因:javax.net.ssl.SSLProtocolException:ssl握手中止:ssl=0x7ffeec27f540:ssl库中出现故障,通常是协议错误
错误:10000F3:SSL例程:OPENSSL\u内部:错误的\u曲线(外部/boringssl/src/SSL/s3\u clnt.c:1205 0x7ffee9cef70a:0x00000000)
在com.android.org.conscrypt.NativeCrypto.SSL_do_握手(本机方法)
访问com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:357)
... 还有22个
原因:javax.net.ssl.SSLProtocolException:ssl握手中止:ssl=0x7ffeec27f540:ssl库中出现故障,通常是协议错误
错误:10000F3:SSL例程:OPENSSL\u内部:错误的\u曲线(外部/boringssl/src/SSL/s3\u clnt.c:1205 0x7ffee9cef70a:0x00000000)
在com.android.org.conscrypt.NativeCrypto.SSL_do_握手(本机方法)
访问com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:357)
... 还有22个
原因:javax.net.ssl.SSLProtocolException:ssl握手中止:ssl=0x7ffeec27f540:ssl库中出现故障,通常是协议错误
错误:10000F3:SSL例程:OPENSSL\u内部:错误的\u曲线(外部/boringssl/src/SSL/s3\u clnt.c:1205 0x7ffee9cef70a:0x00000000)
在com.android.org.conscrypt.NativeCrypto.SSL_do_握手(本机方法)
访问com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:357)
... 还有22个
我的后端证书仅支持TLSv1协议。这是安卓N的问题吗 编辑1:
将targetSdkVersion更改为24会得到相同的结果 编辑2:
我们的目标URL是最后,证书已更新为支持TLS 1.2。您已截断Stacktrace,即相关的内部异常(带有异常文本)缺少。我将首先尝试将targetSdkVersion更改为24,然后查看问题是否仍然存在。将targetSdkVersion更改为24会得到相同的结果。已添加完整堆栈跟踪。谢谢。这里没有“TLSv1”证书。有X.509证书可用于多个TLS版本中的身份验证,包括SSL 3.0、TLS 1.0、TLS 1.2。。。至于错误本身:“错误的_曲线”可以提供线索,但可能需要知道目标URL以获得更好的帮助。我的猜测是,当与安卓N的较新TLS堆栈一起使用时,服务器无法按预期工作,这可能是服务器或安卓中的一个bug。