我想在Android客户端和delphi服务器之间创建安全连接。建议使用TLS1.1或TLS1.2以及自签名证书。
目前最低sdk版本为19。
我想出了如何连接自签名证书。但似乎Android客户端总是尝试连接SSLv3。我试图禁用SSLv3并且只使用TLS,但我没有找到适合自签名证书的解决方案。
P.s。:如果我告诉服务器使用none或SSLv3
,请使用任何安全层或使用SSLv3连接正常工作DynamicTableEntity我的Asynctask代码
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x71698c50: Failure in SSL library, usually a protocol error
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x388da166:0x00000000)
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:448)
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: at com.android.okhttp.Connection.upgradeToTls(Connection.java:146)
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: at com.android.okhttp.Connection.connect(Connection.java:107)
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:294)
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: at com.android.okhttp.internal.http.HttpEngine.sendSocketRequest(HttpEngine.java:255)
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:206)
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: at com.android.okhttp.internal.http.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:345)
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: at com.android.okhttp.internal.http.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:89)
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: at com.android.okhttp.internal.http.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:161)
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: at de.gold_software.wartungsmanager.server.TestController$TestAsyncTask.doInBackground(TestController.java:119)
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: at de.gold_software.wartungsmanager.server.TestController$TestAsyncTask.doInBackground(TestController.java:66)
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: at android.os.AsyncTask$2.call(AsyncTask.java:288)
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: at java.util.concurrent.FutureTask.run(FutureTask.java:237)
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:231)
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
11-25 13:19:10.418 10247-10291/de.gold_software.wartungsmanager W/System.err: at java.lang.Thread.run(Thread.java:841)
答案 0 :(得分:0)
你试过这个:
SSLContext context = SSLContext.getInstance("TLS");
SSLContext context = SSLContext.getInstance("TLSv1.2");?
另一件事可能是:
System.setProperty("https.protocols", "TLS"); //somewhere in Java code, in main f.e.
或者甚至
System.setProperty("https.protocols", "TLSv1"); //worked by me
但请注意,此设置将保存很长时间。
同样在您的Java JRE文件夹中,您可以找到文件jre / lib / security / java.security,您可以在其中找到这样的行并进行更改或只添加此行(仅当不存在时):
jdk.tls.disabledAlgorithms=SSLv3
或者结合最后两个解决方案。