Java SSL握手中止:SSL=0xb9e21100:SSL库中出现故障,通常是协议错误
我已经审查了许多问题,但在我的应用程序中出现了相同的例外情况。我只在Kitkat运行旧版本的改型/Okhttp以支持旧版本时遇到了这个问题,这在连接到HTTPS/SSL安全网站时发生 格雷德尔先生Java SSL握手中止:SSL=0xb9e21100:SSL库中出现故障,通常是协议错误,java,android,ssl,Java,Android,Ssl,我已经审查了许多问题,但在我的应用程序中出现了相同的例外情况。我只在Kitkat运行旧版本的改型/Okhttp以支持旧版本时遇到了这个问题,这在连接到HTTPS/SSL安全网站时发生 格雷德尔先生 implementation('com.squareup.retrofit2:converter-gson:2.0.2') { exclude group: 'org.apache.commons', module: 'commons-io' } implementation('com.squ
implementation('com.squareup.retrofit2:converter-gson:2.0.2') {
exclude group: 'org.apache.commons', module: 'commons-io'
}
implementation('com.squareup.retrofit2:retrofit-converters:2.0.2') {
exclude group: 'org.apache.commons', module: 'commons-io'
}
implementation 'com.squareup.okhttp3:logging-interceptor:3.12.1'
implementation 'com.squareup.okhttp3:okhttp:3.12.1'
错误:
javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb9e21100: Failure in SSL library, usually a protocol error
05-09 18:53:43.132 12230-12230/myapplication W/System.err:error:14077410:SSL例程:SSL23_GET_SERVER_HELLO:sslv3警报握手失败(外部/openssl/SSL/s23_clnt.c:741 0x8d978990:0x00000000)
AndroidManifest:
android:usesCleartextTraffic="true"
这就是我获得客户的方式:
public static OkHttpClient getHttpClientBuilder(){
ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.COMPATIBLE_TLS)
.supportsTlsExtensions(true)
.tlsVersions(TlsVersion.TLS_1_2, TlsVersion.TLS_1_1, TlsVersion.TLS_1_0)
.cipherSuites(
CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA,
CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA)
.build();
OkHttpClient.Builder client = new OkHttpClient.Builder()
.connectionSpecs(Collections.singletonList(spec))
//.addInterceptor(new HttpLoggingInterceptor().setLevel(HttpLoggingInterceptor.Level.BODY))
.followRedirects(true)
.followSslRedirects(true)
.retryOnConnectionFailure(true)
.cache(null)
.connectTimeout(5, TimeUnit.SECONDS)
.readTimeout(60, TimeUnit.SECONDS)
.connectTimeout(60, TimeUnit.SECONDS);
return enableTls12OnPreLollipop(client).build();
}
启用TLS12OnPrellolliPop
public static OkHttpClient.Builder enableTls12OnPreLollipop(OkHttpClient.Builder client) {
if (Build.VERSION.SDK_INT >= 16 && Build.VERSION.SDK_INT < 22) {
try {
SSLContext sc = SSLContext.getInstance("TLSv1.2");
sc.init(null, null, null);
client.sslSocketFactory(new Tls12SocketFactory(sc.getSocketFactory()));
ConnectionSpec cs = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
.tlsVersions(TlsVersion.TLS_1_2).build();
List<ConnectionSpec> specs = new ArrayList<>();
specs.add(cs);
specs.add(ConnectionSpec.COMPATIBLE_TLS);
specs.add(ConnectionSpec.CLEARTEXT);
client.connectionSpecs(specs);
} catch (Exception exc) {
}
}
return client;
}
public static OkHttpClient.Builder启用TLS12onprellollipop(OkHttpClient.Builder客户端){
if(Build.VERSION.SDK_INT>=16&&Build.VERSION.SDK_INT<22){
试一试{
SSLContext sc=SSLContext.getInstance(“TLSv1.2”);
sc.init(null,null,null);
client.sslSocketFactory(新的Tls12SocketFactory(sc.getSocketFactory());
ConnectionSpec cs=新的ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
.tlsVersions(TlsVersion.TLS_1_2).build();
列表规格=新的ArrayList();
增加规格(cs);
规格添加(连接规格兼容);
规范添加(连接规范明文);
客户连接规范(规范);
}捕获(异常exc){
}
}
返回客户;
}