问
javax.net.ssl.SSLException:SSL握手中止在调用webservice Android时由对等方重置连接
ha遗忘的密 发布于 2023-02-08 15:05我打电话给https webservice,之前它的工作正常,但现在当我试图调用它时,它会给我以下错误.
记录错误:
12-23 06:28:11.969: W/System.err(3014): javax.net.ssl.SSLException: SSL handshake aborted: ssl=0x1cc160: I/O error during system call, Connection reset by peer 12-23 06:28:11.979: W/System.err(3014): at org.apache.harmony.xnet.provider.jsse.NativeCrypto.SSL_do_handshake(Native Method) 12-23 06:28:11.979: W/System.err(3014): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:474) 12-23 06:28:11.979: W/System.err(3014): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl$SSLInputStream.(OpenSSLSocketImpl.java:750) 12-23 06:28:11.979: W/System.err(3014): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java:692) 12-23 06:28:11.979: W/System.err(3014): at crittercism.android.aa.getInputStream(Unknown Source) 12-23 06:28:11.979: W/System.err(3014): at org.apache.http.impl.io.SocketInputBuffer. (SocketInputBuffer.java:93) 12-23 06:28:11.979: W/System.err(3014): at org.apache.http.impl.SocketHttpClientConnection.createSessionInputBuffer(SocketHttpClientConnection.java:83) 12-23 06:28:11.979: W/System.err(3014): at org.apache.http.impl.conn.DefaultClientConnection.createSessionInputBuffer(DefaultClientConnection.java:170) 12-23 06:28:11.979: W/System.err(3014): at org.apache.http.impl.SocketHttpClientConnection.bind(SocketHttpClientConnection.java:106) 12-23 06:28:11.979: W/System.err(3014): at org.apache.http.impl.conn.DefaultClientConnection.openCompleted(DefaultClientConnection.java:129) 12-23 06:28:11.979: W/System.err(3014): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:171) 12-23 06:28:11.989: W/System.err(3014): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164) 12-23 06:28:11.989: W/System.err(3014): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119) 12-23 06:28:11.989: W/System.err(3014): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:359) 12-23 06:28:11.989: W/System.err(3014): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555) 12-23 06:28:11.989: W/System.err(3014): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487) 12-23 06:28:11.989: W/System.err(3014): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)
我使用以下代码来调用https webservice.
public static void trustAllHosts() {
X509TrustManager easyTrustManager = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
// Oh, I am easy!
}
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
// Oh, I am easy!
}
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[] { easyTrustManager };
// Install the all-trusting trust manager
try {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection
.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception e) {
e.printStackTrace();
}
}
public static HttpClient getNewHttpClient() {
try {
KeyStore trustStore = KeyStore.getInstance(KeyStore
.getDefaultType());
trustStore.load(null, null);
SSLSocketFactory sf = new MySSLSocketFactory(trustStore);
sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory
.getSocketFactory(), 80));
registry.register(new Scheme("https", sf, 443));
ClientConnectionManager ccm = new ThreadSafeClientConnManager(
params, registry);
return new DefaultHttpClient(ccm, params);
} catch (Exception e) {
return new DefaultHttpClient();
}
}
MySSLSocketFactory.java
public class MySSLSocketFactory extends SSLSocketFactory {
SSLContext sslContext = SSLContext.getInstance("TLS");
public MySSLSocketFactory(KeyStore truststore)
throws NoSuchAlgorithmException, KeyManagementException,
KeyStoreException, UnrecoverableKeyException {
super(truststore);
TrustManager tm = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
sslContext.init(null, new TrustManager[] { tm }, null);
}
@Override
public Socket createSocket(Socket socket, String host, int port,
boolean autoClose) throws IOException, UnknownHostException {
return sslContext.getSocketFactory().createSocket(socket, host, port,
autoClose);
}
@Override
public Socket createSocket() throws IOException {
return sslContext.getSocketFactory().createSocket();
}
}
它之前工作正常,但现在它失败了.服务器中没有任何更改.
我已经说过了
Android-Query - 随机SSLExceptions
间接连接由Android中的Peer错误重置连接到.NET REST端点
Android HTTPS异常连接由同行重置
为什么HttpUrlConnection在移动数据连接上抛出SSLException?
我已经在wifi和移动数据中测试了它.应用程序不兼容.
如果有人在此之前遇到这个问题,请帮我解决.
1 个回答
-
我也有同样的例外.我发现这是由于服务器不支持TLS 1.0协议.
我观察到Android设备,http连接无法在
TLS 1.0不支持的服务器上运行.我搜索了关于这个bug的每个地方,但没有发现任何与此问题有关的内容.当TLS 1.0 protocol支持添加到服务器时,问题就解决了.您可以使用https://www.ssllabs.com/ssltest检查您的服务器/主机名协议支持.2023-02-08 15:06 回答
作小die_syj
撰写答案
今天,你开发时遇到什么问题呢?
立即提问
京公网安备 11010802041100号