Java SSLHandshakeException SSLProtocolException与Android 6(棉花糖)
我有一个通过SSLSocket与服务器通信的应用程序。 从Android 6我收到一个SSLHandshakeExceptionJava SSLHandshakeException SSLProtocolException与Android 6(棉花糖),java,android,sockets,ssl,android-6.0-marshmallow,Java,Android,Sockets,Ssl,Android 6.0 Marshmallow,我有一个通过SSLSocket与服务器通信的应用程序。 从Android 6我收到一个SSLHandshakeException javax.net.ssl.SSLHandshakeException: Handshake failed at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:396) at com.android.org.conscryp
javax.net.ssl.SSLHandshakeException: Handshake failed
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:396)
at com.android.org.conscrypt.OpenSSLSocketImpl.waitForHandshake(OpenSSLSocketImpl.java:629)
at com.android.org.conscrypt.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java:591)
at com.pandaproject.service.ClientSocket.sendPatient(ClientSocket.java:1355)
at com.pandaproject.service.ClientSocket.uploadPatient(ClientSocket.java:826)
at com.pandaproject.service.ClientSocket.<init>(ClientSocket.java:241)
at com.pandaproject.service.UploadObject.getFromServer(UploadObject.java:201)
at com.pandaproject.service.UploadObject.access$000(UploadObject.java:20)
at com.pandaproject.service.UploadObject$1.run(UploadObject.java:97)
at java.lang.Thread.run(Thread.java:818)
Caused by javax.net.ssl.SSLProtocolException: SSL handshake terminated: ssl=0x9dea4280: Failure in SSL library, usually a protocol error
error:100c5410:SSL routines:ssl3_read_bytes:SSLV3_ALERT_HANDSHAKE_FAILURE (external/boringssl/src/ssl/s3_pkt.c:972 0xaee563c0:0x00000001)
error:100c009f:SSL routines:ssl3_get_server_hello:HANDSHAKE_FAILURE_ON_CLIENT_HELLO (external/boringssl/src/ssl/s3_clnt.c:750 0xab2a450f:0x00000000)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(NativeCrypto.java)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:324)
at com.android.org.conscrypt.OpenSSLSocketImpl.waitForHandshake(OpenSSLSocketImpl.java:629)
at com.android.org.conscrypt.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java:591)
at com.pandaproject.service.ClientSocket.sendPatient(ClientSocket.java:1355)
at com.pandaproject.service.ClientSocket.uploadPatient(ClientSocket.java:826)
at com.pandaproject.service.ClientSocket.<init>(ClientSocket.java:241)
at com.pandaproject.service.UploadObject.getFromServer(UploadObject.java:201)
at com.pandaproject.service.UploadObject.access$000(UploadObject.java:20)
at com.pandaproject.service.UploadObject$1.run(UploadObject.java:97)
at java.lang.Thread.run(Thread.java:818)
Android代码:
Socket clientSocket = null;
KeyStore store = KeyStore.getInstance("BKS");
InputStream in2 = ctx.getResources().openRawResource(
R.raw.server);
store.load(in2, "password".toCharArray());
TrustManagerFactory tmf = TrustManagerFactory
.getInstance(KeyManagerFactory.getDefaultAlgorithm());
tmf.init(store);
SSLContext sslcontext = SSLContext.getInstance("SSL");
sslcontext.init(null, tmf.getTrustManagers(),
new SecureRandom());
SSLSocketFactory sslsocketfactory = sslcontext
.getSocketFactory();
clientSocket = (SSLSocket) sslsocketfactory.createSocket(
Constants.SERVER_HOST, port);
ObjectInputStream obi = new ObjectInputStream(
clientSocket.getInputStream());
ObjectOutputStream obs = new ObjectOutputStream(
clientSocket.getOutputStream());
obs.writeObject("text");
obs.flush();
有什么提示吗?根据这个:
似乎发生的是,注释性DH密码被丢弃。
因此,您不能再使用不在Android密钥库中的证书。使用Nmap SSLtest或使用Nmap SSLtest测试服务器,并发布结果(支持的密码和协议)。此问题解决了吗?这个@Giuseppe有什么解决办法吗?
ServerSocket server = null;
Socket socket=null;
SSLContext ctx;
KeyManagerFactory kmf;
KeyStore ks;
try{
char[] passphrase = "password".toCharArray();
String keyfile = "keyName";
ctx = SSLContext.getInstance("TLS");
kmf = KeyManagerFactory.getInstance("SunX509");
ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(keyfile), passphrase);
kmf.init(ks, passphrase);
ctx.init(kmf.getKeyManagers(), null, null);
ServerSocketFactory ssf = ctx.getServerSocketFactory();
server = ssf.createServerSocket(port);
}catch (IOException e){
e.printStackTrace();
}
while (true) {
socket = server.accept();
new Thread(new WorkerThread(socket));
}
Socket clientSocket = null;
KeyStore store = KeyStore.getInstance("BKS");
InputStream in2 = ctx.getResources().openRawResource(
R.raw.server);
store.load(in2, "password".toCharArray());
TrustManagerFactory tmf = TrustManagerFactory
.getInstance(KeyManagerFactory.getDefaultAlgorithm());
tmf.init(store);
SSLContext sslcontext = SSLContext.getInstance("SSL");
sslcontext.init(null, tmf.getTrustManagers(),
new SecureRandom());
SSLSocketFactory sslsocketfactory = sslcontext
.getSocketFactory();
clientSocket = (SSLSocket) sslsocketfactory.createSocket(
Constants.SERVER_HOST, port);
ObjectInputStream obi = new ObjectInputStream(
clientSocket.getInputStream());
ObjectOutputStream obs = new ObjectOutputStream(
clientSocket.getOutputStream());
obs.writeObject("text");
obs.flush();