Android 7.0: 'javax.net.ssl.SSLHandshakeException: Connexion fermée par un correspondant

Question

Lorsque j'essaie d'accéder à un service Web' https 'à partir de mon application, il donne une' javax.net.ssl.SSLHandshakeException: Connection fermé par l'égal 'erreur. Le même service Web fonctionne correctement dans le navigateur Chrome.

Ce problème se produit uniquement sur Android 7.0, il fonctionne très bien sous Android 6.0 & 5.0.

Le serveur est certifié par CA et non auto-signé.

Answer 1

je devais utiliser la classe SSLSocket étendue à tous les Protocoles et suites de chiffrement afin de surmonter ce problème. La solution réside dans le GetProtocolList() & GetCipherList()

private static OkHttpClient.Builder enableAllProtocols(OkHttpClient.Builder client) { 
    try { 
     client.sslSocketFactory(new SSLSocketFactoryExtended(), provideX509TrustManager()); 
    } catch (Exception exc) { 
     Log.e("OkHttpTLSCompat", "Error while setting Protocols", exc); 
    } 
    return client; 
} 

fichier SSLSocketFactorExtended classe

public class SSLSocketFactoryExtended extends SSLSocketFactory 

{ 
    private SSLContext mSSLContext; 
    private String[] mCiphers; 
    private String[] mProtocols; 

public SSLSocketFactoryExtended() throws NoSuchAlgorithmException, KeyManagementException 
{ 
    initSSLSocketFactoryEx(null,null,null); 
} 

public String[] getDefaultCipherSuites() 
{ 
    return mCiphers; 
} 

public String[] getSupportedCipherSuites() 
{ 
    return mCiphers; 
} 

public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException 
{ 
    SSLSocketFactory factory = mSSLContext.getSocketFactory(); 
    SSLSocket ss = (SSLSocket)factory.createSocket(s, host, port, autoClose); 

    ss.setEnabledProtocols(mProtocols); 
    ss.setEnabledCipherSuites(mCiphers); 

    return ss; 
} 

public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException 
{ 
    SSLSocketFactory factory = mSSLContext.getSocketFactory(); 
    SSLSocket ss = (SSLSocket)factory.createSocket(address, port, localAddress, localPort); 

    ss.setEnabledProtocols(mProtocols); 
    ss.setEnabledCipherSuites(mCiphers); 

    return ss; 
} 

@Override 
public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException 
{ 
    SSLSocketFactory factory = mSSLContext.getSocketFactory(); 
    SSLSocket ss = (SSLSocket)factory.createSocket(host, port, localHost, localPort); 

    ss.setEnabledProtocols(mProtocols); 
    ss.setEnabledCipherSuites(mCiphers); 

    return ss; 
} 

@Override 
public Socket createSocket(InetAddress host, int port) throws IOException 
{ 
    SSLSocketFactory factory = mSSLContext.getSocketFactory(); 
    SSLSocket ss = (SSLSocket)factory.createSocket(host, port); 

    ss.setEnabledProtocols(mProtocols); 
    ss.setEnabledCipherSuites(mCiphers); 

    return ss; 
} 

@Override 
public Socket createSocket(String host, int port) throws IOException 
{ 
    SSLSocketFactory factory = mSSLContext.getSocketFactory(); 
    SSLSocket ss = (SSLSocket)factory.createSocket(host, port); 

    ss.setEnabledProtocols(mProtocols); 
    ss.setEnabledCipherSuites(mCiphers); 

    return ss; 
} 

private void initSSLSocketFactoryEx(KeyManager[] km, TrustManager[] tm, SecureRandom random) 
     throws NoSuchAlgorithmException, KeyManagementException 
{ 
    mSSLContext = SSLContext.getInstance("TLS"); 
    mSSLContext.init(km, tm, random); 

    mProtocols = GetProtocolList(); 
    mCiphers = GetCipherList(); 
} 

protected String[] GetProtocolList() 
{ 
    String[] protocols = { "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"}; 
    String[] availableProtocols = null; 

    SSLSocket socket = null; 

    try 
    { 
     SSLSocketFactory factory = mSSLContext.getSocketFactory(); 
     socket = (SSLSocket)factory.createSocket(); 

     availableProtocols = socket.getSupportedProtocols(); 
    } 
    catch(Exception e) 
    { 
     return new String[]{ "TLSv1" }; 
    } 
    finally 
    { 
     if(socket != null) 
      try { 
       socket.close(); 
      } catch (IOException e) { 
      } 
    } 

    List<String> resultList = new ArrayList<String>(); 
    for(int i = 0; i < protocols.length; i++) 
    { 
     int idx = Arrays.binarySearch(availableProtocols, protocols[i]); 
     if(idx >= 0) 
      resultList.add(protocols[i]); 
    } 

    return resultList.toArray(new String[0]); 
} 

protected String[] GetCipherList() 
{ 
    List<String> resultList = new ArrayList<String>(); 
    SSLSocketFactory factory = mSSLContext.getSocketFactory(); 
    for(String s : factory.getSupportedCipherSuites()){ 
     resultList.add(s); 
    } 
    return resultList.toArray(new String[resultList.size()]); 
} 

}

Answer 2

essayez d'utiliser ce code, il fonctionne pour moi:

private static void initializeSSLContext(Context mContext){ 
    try { 
     SSLContext.getInstance("TLSv1.2"); 
    } catch (NoSuchAlgorithmException e) { 
     e.printStackTrace(); 
    } 
    try { 
     ProviderInstaller.installIfNeeded(mContext.getApplicationContext()); 
    } catch (GooglePlayServicesRepairableException e) { 
     e.printStackTrace(); 
    } catch (GooglePlayServicesNotAvailableException e) { 
     e.printStackTrace(); 
    } 
} 

et ne pas oublier de usr bibliothèque de sécurité Google:

compile 'com.google.android.gms:play-services-safetynet:11.6.2'