Android< = 4.4.2和TLS 1.2

时间:2015-09-13 00:16:50

标签: android ssl tls1.2

我为公司做了一个应用程序,它支持API级别13+(3.0+)。它通过XML从CMS收集数据并将其显示在应用程序上。这是通过HTTPS完成的,在将服务器升级到TLS 1.2之前一直运行良好。现在,由于SSLPeerUnverifiedException,API级别20以下的Android版本将无法获取XML,并且很多手机无法再看到此应用。

是否有办法在启用TLS 1.2的情况下超过SSLPeerUnverified

注意:当前的SSL证书如下:

AddTrust External CA Root
--> COMODO High-Assurance Secure Server CA
  --> *.appdomain.com

目前为止最有帮助的SOF文章: Implementing TLS 1.2 on Android 2.3.3

1 个答案:

答案 0 :(得分:1)

团队中的其他人回答了这个问题,但结果包括以下内容:

  • SSLContext helper=null;
  • helper.init(null,null,null);
  • SSLContext.getInstance("TLSv1.2");
  • SSLEngine engine = helper.createSSLEngine();

这是他用来检查ssl并将所有内容放入其中的函数:

public void sslCheck() {

        int PLAY_SERVICES_RESOLUTION_REQUEST=9000;
        int resultCode = GooglePlayServicesUtil.isGooglePlayServicesAvailable(this);
        //Log.i("log_tag2", String.valueOf(resultCode));
        if (resultCode != ConnectionResult.SUCCESS) {
            if (GooglePlayServicesUtil.isUserRecoverableError(resultCode)) {
                Log.i("log_tag2","Not good!");
                if (MyAppActivity.instance != null) {
                    Log.i("log_tag2","but can fix");
                    GooglePlayServicesUtil.getErrorDialog(
                            resultCode,
                            MyAppActivity.instance,
                            PLAY_SERVICES_RESOLUTION_REQUEST).show();
                }
            }
        }
        else {
            Log.i("log_tag2","Already good!");
            try {
                ProviderInstaller.installIfNeeded(this);
                Log.i("log_tag", "1");
            } catch (GooglePlayServicesRepairableException e) {
                e.printStackTrace();
            } catch (GooglePlayServicesNotAvailableException e) {
                e.printStackTrace();
            }
            SSLContext helper=null;
            try {
                helper = SSLContext.getInstance("TLSv1.2");
                Log.i("log_tag","2");
            } catch (NoSuchAlgorithmException e) {
                e.printStackTrace();
            }
            try {
                helper.init(null,null,null);
                Log.i("log_tag", "3");
            } catch (KeyManagementException e) {
                e.printStackTrace();
            }
            SSLEngine engine = helper.createSSLEngine();
        }
    }