在android 5 Lollipop上运行,我试图从我的服务器获得一个使用TLSv1.2的响应,但是我收到了这个错误日志。相同的代码适用于android 4和android 6.如何解决这个问题?
05-23 10:25:46.221: W/System.err(5945): javax.net.ssl.SSLHandshakeException: Handshake failed
05-23 10:25:46.221: W/System.err(5945): at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:374)
05-23 10:25:46.222: W/System.err(5945): at com.android.okhttp.Connection.upgradeToTls(Connection.java:197)
05-23 10:25:46.222: W/System.err(5945): at com.android.okhttp.Connection.connect(Connection.java:151)
05-23 10:25:46.225: W/System.err(5945): at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:276)
05-23 10:25:46.226: W/System.err(5945): at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:211)
05-23 10:25:46.226: W/System.err(5945): at com.android.okhttp.internal.http.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:373)
05-23 10:25:46.226: W/System.err(5945): at com.android.okhttp.internal.http.HttpURLConnectionImpl.getResponse(HttpURLConnectionImpl.java:323)
05-23 10:25:46.226: W/System.err(5945): at com.android.okhttp.internal.http.HttpURLConnectionImpl.getInputStream(HttpURLConnectionImpl.java:190)
05-23 10:25:46.226: W/System.err(5945): at com.android.okhttp.internal.http.DelegatingHttpsURLConnection.getInputStream(DelegatingHttpsURLConnection.java:210)
05-23 10:25:46.226: W/System.err(5945): at com.android.okhttp.internal.http.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:25)
05-23 10:25:46.227: W/System.err(5945): at java.lang.Thread.run(Thread.java:818)
05-23 10:25:46.227: W/System.err(5945): Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x6f4cc600: Failure in SSL library, usually a protocol error
05-23 10:25:46.227: W/System.err(5945): error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol (external/openssl/ssl/s23_clnt.c:735 0x6be81ee1:0x00000000)
05-23 10:25:46.231: W/System.err(5945): at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
05-23 10:25:46.231: W/System.err(5945): at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:302)
05-23 10:25:46.232: W/System.err(5945): ... 12 more
这是我的代码
public static void getWithoutCertificate() {
String url = "https://thapi.bluepay.asia/blue/gateWay/doProcess/service_queryTrans?operatorId=2&productid=177&t_id=gasq20160519153044zD&encrypt=30001721bd69594aa09b30ccaebb7683";
StringBuffer bufferRes = null;
try {
TrustManager[] tm = { new MyX509TrustManager() };
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init(null, tm, new java.security.SecureRandom());
// get SSLSocketFactory from the sslContext above
javax.net.ssl.SSLSocketFactory ssf = sslContext.getSocketFactory();
URL _url = new URL(url);
HttpsURLConnection httpsURLConnection = (HttpsURLConnection) _url
.openConnection();
// trust any hostname
httpsURLConnection
.setHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
httpsURLConnection.setSSLSocketFactory(ssf);
httpsURLConnection.setConnectTimeout(25000);
httpsURLConnection.setReadTimeout(25000);
httpsURLConnection.setRequestMethod("GET");
httpsURLConnection.setRequestProperty("Content-Type",
"application/x-www-form-urlencoded");
httpsURLConnection
.setRequestProperty(
"User-Agent",
"Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.146 Safari/537.36");
httpsURLConnection.setDoOutput(true);
httpsURLConnection.setDoInput(true);
httpsURLConnection.connect();
InputStream in = httpsURLConnection.getInputStream();
BufferedReader read = new BufferedReader(new InputStreamReader(in,
"utf-8"));
String valueString = null;
bufferRes = new StringBuffer();
while ((valueString = read.readLine()) != null) {
bufferRes.append(valueString);
}
in.close();
if (httpsURLConnection != null) {
httpsURLConnection.disconnect();// close connection
}
Log.i(TAG, bufferRes.toString());
} catch (Exception e) {
e.printStackTrace();
}
}
// an inner class
private static class MyX509TrustManager implements X509TrustManager {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
}
}