javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb7d84e10: Failure in SSL library解决

最新推荐文章于 2024-05-06 10:18:49 发布
最新推荐文章于 2024-05-06 10:18:49 发布
阅读量9.9k 收藏 8
点赞数 3 
异常信息
04-22 18:55:30.661 3949-3949/com.umeng.soexample.liuhao20190422 I/aaaa: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb7d84e10: Failure in SSL library, usually a protocol error
    error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol (external/openssl/ssl/s23_clnt.c:714 0x96f15926:0x00000000)



//写一个类继承SSLSocket
public class SSL extends SSLSocketFactory {
    private SSLSocketFactory defaultFactory;
    // Android 5.0+ (API level21) provides reasonable default settings
    // but it still allows SSLv3
    // https://developer.android.com/about/versions/android-5.0-changes.html#ssl
    static String protocols[] = null, cipherSuites[] = null;

    static {
        try {
            SSLSocket socket = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
            if (socket != null) {
                /* set reasonable protocol versions */
                // - enable all supported protocols (enables TLSv1.1 and TLSv1.2 on Android <5.0)
                // - remove all SSL versions (especially SSLv3) because they're insecure now
                List<String> protocols = new LinkedList<>();
                for (String protocol : socket.getSupportedProtocols())
                    if (!protocol.toUpperCase().contains("SSL"))
                        protocols.add(protocol);
                SSL.protocols = protocols.toArray(new String[protocols.size()]);
                /* set up reasonable cipher suites */
                if (Build.VERSION.SDK_INT < Build.VERSION_CODES.LOLLIPOP) {
                    // choose known secure cipher suites
                    List<String> allowedCiphers = Arrays.asList(
                            // TLS 1.2
                            "TLS_RSA_WITH_AES_256_GCM_SHA384",
                            "TLS_RSA_WITH_AES_128_GCM_SHA256",
                            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
                            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
                            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
                            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
                            "TLS_ECHDE_RSA_WITH_AES_128_GCM_SHA256",
                            // maximum interoperability
                            "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
                            "TLS_RSA_WITH_AES_128_CBC_SHA",
                            // additionally
                            "TLS_RSA_WITH_AES_256_CBC_SHA",
                            "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
                            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
                            "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
                            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA");
                    List<String> availableCiphers = Arrays.asList(socket.getSupportedCipherSuites());
                    // take all allowed ciphers that are available and put them into preferredCiphers
                    HashSet<String> preferredCiphers = new HashSet<>(allowedCiphers);
                    preferredCiphers.retainAll(availableCiphers);
                    /* For maximum security, preferredCiphers should *replace* enabled ciphers (thus disabling
                     * ciphers which are enabled by default, but have become unsecure), but I guess for
                     * the security level of DAVdroid and maximum compatibility, disabling of insecure
                     * ciphers should be a server-side task */
                    // add preferred ciphers to enabled ciphers
                    HashSet<String> enabledCiphers = preferredCiphers;
                    enabledCiphers.addAll(new HashSet<>(Arrays.asList(socket.getEnabledCipherSuites())));
                    SSL.cipherSuites = enabledCiphers.toArray(new String[enabledCiphers.size()]);
                }
            }
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    public SSL(X509TrustManager tm) {
        try {
            SSLContext sslContext = SSLContext.getInstance("TLS");
            sslContext.init(null, (tm != null) ? new X509TrustManager[]{tm} : null, null);
            defaultFactory = sslContext.getSocketFactory();
        } catch (GeneralSecurityException e) {
            throw new AssertionError(); // The system has no TLS. Just give up.
        }
    }

    private void upgradeTLS(SSLSocket ssl) {
        // Android 5.0+ (API level21) provides reasonable default settings
        // but it still allows SSLv3
        // https://developer.android.com/about/versions/android-5.0-changes.html#ssl
        if (protocols != null) {
            ssl.setEnabledProtocols(protocols);
        }
        if (Build.VERSION.SDK_INT < Build.VERSION_CODES.LOLLIPOP && cipherSuites != null) {
            ssl.setEnabledCipherSuites(cipherSuites);
        }
    }

    @Override public String[] getDefaultCipherSuites() {
        return cipherSuites;
    }

    @Override
    public String[] getSupportedCipherSuites() {
        return cipherSuites;
    }

    @Override
    public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
        Socket ssl = defaultFactory.createSocket(s, host, port, autoClose);
        if (ssl instanceof SSLSocket){
            upgradeTLS((SSLSocket) ssl);
        }
        return ssl;
    }

    @Override
    public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
        Socket ssl = defaultFactory.createSocket(host, port);
        if (ssl instanceof SSLSocket){
            upgradeTLS((SSLSocket) ssl);
        }
        return ssl;
    }

    @Override
    public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnknownHostException {
        Socket ssl = defaultFactory.createSocket(host, port, localHost, localPort);
        if (ssl instanceof SSLSocket) {
            upgradeTLS((SSLSocket) ssl);
        }
        return ssl;
    }

    @Override
    public Socket createSocket(InetAddress host, int port) throws IOException {
        Socket ssl = defaultFactory.createSocket(host, port);
        if (ssl instanceof SSLSocket) {
            upgradeTLS((SSLSocket) ssl);
        }
        return ssl;
    }

    @Override public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
        Socket ssl = defaultFactory.createSocket(address, port, localAddress, localPort);
        if (ssl instanceof SSLSocket){
            upgradeTLS((SSLSocket) ssl);
        }
        return ssl;
    }
}
//定义一个信任所有证书的TrustManager
final X509TrustManager trustAllCert = new X509TrustManager() {
    @Override
    public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
    }

    @Override
    public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
    }

    @Override
    public java.security.cert.X509Certificate[] getAcceptedIssuers() {
        return new java.security.cert.X509Certificate[]{};
    }
};
OkHttpClient client = new OkHttpClient.Builder()
        .sslSocketFactory(new SSL(trustAllCert), trustAllCert)
        .hostnameVerifier(new HostnameVerifier() {             @Override
             public boolean verify(String s, SSLSession sslSession) {
                return true;
             }
         }).build();
liuhao032
关注
  • 3
    点赞
  • 8
    收藏
    觉得还不错? 一键收藏
  • 3
    评论
Android 5.0以下系统支持TLS 1.1/1.2协议版本
知行合一
07-17 2543
一、背景 项目中,客户端与服务端之间普遍使用Https协议通信,突然接到测试同事反馈Android5.0以下手机上,App测试服使用出现问题,出现SSL handshake aborted错误信息,但正式服正常。经查,普遍错误信息详情如下: SSL handshake aborted: ssl=0x78f08cd0: I/O error during system call, Connection reset by peer .... 从错误信息上粗略看上去,SSL握手阶段出现问题,连接终止。 二、分析与
OkHttpUtils: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb8f02e68: Failure in S
guozhaohui628
01-16 5372
1. 问题   碰到这个问题是我们公司用的是https,证书是赛门铁克的证书是tls1.2,然后我用的是okhttp,然后在android5.0以上没问题,请求都是可以的,但是在android5.0以下,连登陆都登不进,也不闪退,点击登陆没反应,然后报如上的异常,后面各种查资料,终于找到靠谱的,其中很多人其实都不知道,在瞎说。最权威的解释在这里httpsTLS,真心感谢这位博主。 2. 原因
解决javax.net.ssl.SSLHandshakeException: SSL握手异常的解决方法,亲测有效,嘿嘿嘿!!!
最新发布
PythonAigc的博客
05-06 3353
`javax.net.ssl.SSLHandshakeException: SSL握手异常` 通常表示在尝试建立安全套接字连接(SSL/TLS 握手)时出现了问题。这个问题可能由多种原因引起,包括但不限于证书问题、协议不匹配、加密算法不支持等。以下是对这个异常的分析、报错原因、解决思路、解决方法以及代码示例。 ### 问题分析 SSL握手是建立安全通信的过程,它涉及到客户端和服务器之间的多个步骤,包括证书交换、加密算法协商等。如果在这个过程中任何一个步骤出现问题,都可能导致SSL握手失败,并抛出`SSL
javax.net.ssl.SSLProtocolException: SSL handshake aborted
Kinsomy的博客
01-26 1万+
问题出现 前几天在接入新版api的时候,在Android 4.4版本的机型上测试的时候,网络请求捕获了一个异常,SSLProtocolException,具体的异常信息是 com.base.http.exception.NetworkRespException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=
Android异常处理javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x41ea4068: Failure in SSL
Blue_Tong的博客
10-22 2068
Android异常处理: Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x41ea4068: Failure in SSL library, usually a protocol error log如下: 10-19 17:40:47.610 805-826/com.example.ipawsplay W/System.err: error:14077410:SSL routines:SSL23_
javax.net.ssl.SSLProtocolException:SSL handshake aborted
andoop的博客
03-15 5091
在做微信登录的时候遇到了这样的问题:javax.net.ssl.SSLProtocolException:SSL handshake aborted解决方案:手机连接的WiFi有代理,把代理去掉就搞定了
jenkins配置SVN时报错:javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
会写代码的大叔
06-05 3721
最近在学习jenkins,在配置SVN时发现老是会报错: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name 这个错误在使用idea的svn插件时遇到过,只要在java参数里面添加下面代码: -Djsse.enableSNIExtension=false 在jenkins里面用下
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure的一个解决方案-附件资源
03-05
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure的一个解决方案-附件资源
javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair 解决方法总结
08-25
然而,当你遇到“javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair”的错误时,这意味着在建立SSL/TLS连接时,Diffie-Hellman(DH)密钥交换算法遇到了问题。DH是一种非对称...
解决webMagic0.7.3 出现javax.net.ssl.SSLException: Received fatal alert: protocol_version的问题-附件资源
03-02
解决webMagic0.7.3 出现javax.net.ssl.SSLException: Received fatal alert: protocol_version的问题-附件资源
javax.net.ssl.SSLHandshakeException: sun.security.validator 问题解决,与环境有关
04-03
在Java编程中,`javax.net.ssl.SSLHandshakeException` 是一个常见的错误,通常发生在进行安全套接层(SSL)或传输层安全(TLS)协议握手时出现问题。这个异常通常是由于客户端和服务器之间的证书不匹配、信任锚点...
https请求握手失败,javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException
huashanjuji的专栏
12-06 3073
在与银行支付系统通讯中,客户端前期运行正常,后来在银行系统更新以后,发现支付接口不能正常通讯。具体报错如下:javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x73f10468: Failure in SSL library, usually a ...
FreeRDP的安装配置(错误信息:SSL_read: Failure in SSL library (protocol error?))
weixin_34010566的博客
01-11 2900
最新文章:Virson's Blog 使用xfreerdp [serveripaddress]命令,连接xp/windows 2003都正常,但是在连接win7/2008时总是出错: ;-------------------------------------------------------------------------------- root@pg-vm:/etc/ld.so.c...
使用OkHttp请求https在android4.4报错javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException
q1581375053的博客
09-06 2824
对于HTTPS的请求我们一般都是采取忽略的策略,一般而言直接实现X509TrustManager接口,简单的以SSLContext获取SSLSocketFactory就可以的了,实测6.0以上还未遇到过什么奇葩的问题,6.0以下的,正常情况下也不会有什么问题,但最近偶然发现一客户提供的https地址请求居然报错了,抛出了javax.net.ssl.SSLHandshakeExcep...
javax.net.ssl.SSLProtocolException: handshake alert:unrecognized_name
之城的专栏
07-05 3249
今天研究网上的java版的微信模拟登录群发消息的代码时,运行报错handshake alert:unrecognized_name,调试发现完整的错误为javax.net.ssl.SSLProtocolExceptionhandshake alert:unrecognized_name 在百度上发现有网友说是因为JDK的版本不对导致,笔者更换了jdk的版本发现问题依旧,最后看到另一个网友的解决
关于volley javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: 错误
gqs519的专栏
08-21 8888
01-22 19:41:30.647 32296-32296/com.hogehoge E/HogeClient﹕ javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x599e5468: Failure in SSL library, usual
SSL_read: Failure in SSL library (protocol error?)
github_34572149的博客
03-26 802
SSL_read: Failure in SSL library (protocol error?)
Android 4.4 网络请求报错:javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL hand
qq_27494201的博客
04-06 1001
链接:https://pan.baidu.com/s/1otsDIFbAe6rgckFeJdVeDw。参考上面这条连接即可解决问题或者参考我的Demo。
使用https出错javax.net.ssl.SSLHandshakeException: Handshake failed
热门推荐
OONullPointerAlex的博客
11-11 2万+
最近项目中要用到https,android这边使用的是httpsurlconnection来进行访问的。其中遇到了一个非常诡异的问题,在此记录下来,以供参考: 注:https 的证书是后台自己生成的,没有申请合法的证书。 出错日志: 11-10 16:50:32.933: W/System.err(16031): javax.net.ssl.SSLHandshakeException: Ha
javax.net.ssl.SSLProtocolException: Received fatal alert: unexpected_message
10-20
javax.net.ssl.SSLProtocolException: Received fatal alert: unexpected_message是指SSL握手期间出现错误,通常是由于客户端和服务器之间的通信协议不兼容引起的。当客户端和服务器之间无法达成共识时,就会引发这...
评论 3
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值