com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native方法中的javax.net.ssl.SSLHandshakeException:由对等点关闭的连接
在api级别24之前,我的代码运行良好,但它给我的api级别24( 7.0努格特)带来了错误。我不明白我的代码出了什么问题。
第一种方法是:
<?xml version="1.0" encoding="utf-8"?> <network-security-config>
<base-config> <trust-anchors> <certificates src="system"/>
<certificates src="user"/> </trust-anchors> </base-config>
<domain-config> <domain includeSubdomains="true">xyz.com</domain>
<trust-anchors> <certificates src="@raw/my_ca"/> </trust-anchors>
</domain-config> </network-security-config>内部清单文件:
android:network Security Config = "@xml/network_security_config" i在res/xml/network_security_config中包含了network_security_config,而ca证书在res/raw/my_ca.pem中
第二种方法是:
import org.apache.http.client.HttpClient;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import java.io.IOException; import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate; import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public class ExSSLSocketFactory extends SSLSocketFactory {
SSLContext sslContext = SSLContext.getInstance("TLS");
public ExSSLSocketFactory(KeyStore truststore) throws
NoSuchAlgorithmException, KeyManagementException,KeyStoreException,
UnrecoverableKeyException {
super(truststore);
TrustManager x509TrustManager = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
} public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
} public X509Certificate[] getAcceptedIssuers()
{
return null;
}
};
sslContext.init(null, new TrustManager[] {
x509TrustManager }, null);
} public ExSSLSocketFactory(SSLContext
context) throws KeyManagementException, NoSuchAlgorithmException,
KeyStoreException, UnrecoverableKeyException {
super(null);
sslContext = context;
} @Override public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException,
UnknownHostException {
return sslContext.getSocketFactory().createSocket(socket, host, port,
autoClose);
} @Override public Socket createSocket() throws
IOException {
return sslContext.getSocketFactory().createSocket();
}
public static HttpClient getHttpsClient(HttpClient client) {
try{
X509TrustManager x509TrustManager = new X509TrustManager()
{
@Override
public void checkClientTrusted(X509Certificate[] chain, String
authType) throws CertificateException { }
@Override public void
checkServerTrusted(X509Certificate[] chain, String authType) throws
CertificateException {
}
@Override public X509Certificate[]
getAcceptedIssuers() {
return null;
}
};
SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, new
TrustManager[]{x509TrustManager}, null); SSLSocketFactory
sslSocketFactory = new ExSSLSocketFactory(sslContext);
sslSocketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
ClientConnectionManager clientConnectionManager =
client.getConnectionManager(); SchemeRegistry schemeRegistry =
clientConnectionManager.getSchemeRegistry();
schemeRegistry.register(new Scheme("https", sslSocketFactory, 443));
return new DefaultHttpClient(clientConnectionManager,
client.getParams());
} catch (Exception ex)
{ return null;
} } }在进行http连接时:
public String CallWebService(String url, String soapAction, String envelope){
final HttpClient httpClient = ExSSLSocketFactory.getHttpsClient(new DefaultHttpClient());
HttpParams params = httpClient.getParams();
HttpConnectionParams.setConnectionTimeout(params, 150000);
HttpConnectionParams.setSoTimeout(params, 150000);
HttpProtocolParams.setUseExpectContinue(httpClient.getParams(), true);
HttpPost httppost = new HttpPost(url);
httppost.setHeader("soapaction", soapAction);
httppost.setHeader("Content-Type", "text/xml; charset=utf-8");
String responseString = "";
try
{
HttpEntity entity = new StringEntity(envelope);
httppost.setEntity(entity);
ResponseHandler<String> rh = new ResponseHandler<String>()
{
public String handleResponse(HttpResponse response) throws ClientProtocolException, IOException
{
HttpEntity entity = response.getEntity();
StringBuffer out = new StringBuffer();
byte[] b = EntityUtils.toByteArray(entity);
out.append(new String(b, 0, b.length));
return out.toString();
}
};
responseString = httpClient.execute(httppost, rh);
Log.d("Response is here....", "responseString : " + responseString);
}
catch (Exception e)
{
e.printStackTrace();
}
// close the connection
httpClient.getConnectionManager().shutdown();
return responseString;
}不过,我还是犯了错误:
com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native方法) 01-24 10:28:03.182 32251-474/com.neosoft.meconnect W/System.err: at javax.net.ssl.SSLHandshakeException方法) 01-24 10:28:03.182 32251-474/com.neosoft.meconnect W/System.err: com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:357) 01-24 10:28:03.182 32251-474/com.neosoft.meconnect W/System.err: com.android.okhttp.Connection.connectTls(Connection.java:235) 01-24 10:28:03.182 32251-474/com.neosoft.meconnect W/System.err: com.android.okhttp.Connection.connectSocket(Connection.java:199) 01-24 10:28:03.182 32251-474/com.neosoft.meconnect W/System.err: at com.android.okhttp.Connection.connect(Connection.java:172) 01-24 10:28:03.18232251-474/com.neosoft.meconnect W/System.err: at com.android.okhttp.Connection.connectAndSetOwner(Connection.java:367) 01-24 10:28:03.182 32251-474/com.neosoft.meconnect W/System.err: com.android.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:130) 01-24 10:28:03.182 32251-474/com.neosoft.meconnect W/System.err: com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:329) 01-24 10:28:03.182 32251-474/com.neosoft.meconnect W/System.err: com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:246) 01-24 10:28:03.183 32251-474/com.neosoft.meconnect W/System.err: com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:457) 01-24 10:28:03.183 32251-474/com.neosoft.meconnect W/System.err: com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:126) 01-24 10:28:03.183 32251-474/com.neosoft.meconnect W/System.err: com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.connect(DelegatingHttpsURLConnection.java:89) 01-24 10:28:03.184 32251-474/com.neosoft.meconnect W/System.err: com.android.okhttp.internal.huc.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java) 01-24 10:28:03.184 32251-474/com.neosoft.meconnect W/System.err: org.ksoap2.transport.ServiceConnectionSE.connect(ServiceConnectionSE.java:46) 01-24 10:28:03.184 32251-474/com.neosoft.meconnect W/System.err: org.ksoap2.transport.HttpTransportSE.call(HttpTransportSE.java:68) 01-24 10:28:03.184 32251-474/com.neosoft.meconnect W/System.err: 地址: srd.gshelp.GSSoapConWSDL.javaHit(GSSoapConWSDL.java:180) 01-24 10:28:03.184 32251-474/com.neosoft.meconnect W/System.err: srd.gshelp.GSSoapConWSDL.access$0(GSSoapConWSDL.java:144) 01-24 10:28:03.185 32251-474/com.neosoft.meconnect W/System.err: at srd.gshelp.GSSoapConWSDL$TaskAsync.doInBackground(GSSoapConWSDL.java:215) 01-24 10:28:03.185 32251-474/com.neosoft.meconnect W/System.err: srd.gshelp.GSSoapConWSDL$TaskAsync.doInBackground(GSSoapConWSDL.java:1) 01-24 10:28:03.185 32251-474/com.neosoft.meconnect W/System.err: android.os.AsyncTask$2.call(AsyncTask.java:304) 01-24 10:28:03.185 32251-474/com.neosoft.meconnect W/System.err: java.util.concurrent.FutureTask.run(FutureTask.java:237) 01-24 10:28:03.186 32251-474/com.neosoft.meconnect W/System.err: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133) 01-24 10:28:03.186 32251-474/com.neosoft.meconnect W/System.err: java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607) 01-24 10:28:03.186 32251-474/com.neosoft.meconnect W/System.err: 在java.lang.Thread.run(Thread.java:761) 01-24 10:28:03.187 32251-474/com.neosoft.meconnect W/System.err:抑制: javax.net.ssl.SSLHandshakeException:由对等方关闭的连接
帮帮忙吧。提前谢谢。
回答 3
Stack Overflow用户
发布于 2017-02-02 09:42:50
确保您已经从服务器端设置了启用TLS的。
Stack Overflow用户
发布于 2019-01-31 11:50:42
我也面临着同样的问题,在调用API时,同样的javax.net.ssl.SSLHandshakeException正在抛出。
但就我而言,以下是问题所在
我的device是connected到wifi,但是wifi路由器是not有internet连接,然后exception被抛出
Stack Overflow用户
发布于 2017-01-24 06:45:06
你用过Okhttp图书馆吗?它是一个很好的网络呼叫库。您也可以处理这个异常。
我也有过类似的问题,我也是这样处理的:
public static OkHttpClient getHttpClientForFile() {
ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
.tlsVersions(TlsVersion.TLS_1_0)
.cipherSuites(
CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA,
CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA)
.build();
return new OkHttpClient.Builder()
.connectTimeout(2, TimeUnit.MINUTES)
.writeTimeout(2, TimeUnit.MINUTES)
.readTimeout(3, TimeUnit.MINUTES)
.connectionSpecs(Collections.singletonList(spec))
.protocols(Arrays.asList(Protocol.HTTP_1_1))
.build();
}我不知道它是好是坏,但它是为我工作。
您使用过的SSLSocketFactory类在play store或play store发布应用程序后可能会产生错误,可能会警告您更改代码。
您可以从Okhttp找到https://github.com/square/okhttp库。
https://stackoverflow.com/questions/41821569
复制相似问题
腾讯云开发者
