javax.net.ssl.SSLProtocolException:SSL握手中止:ssl = 0x7fa2258640:SSL库失败,通常是协议错误

时间:2018-01-31 10:18:03

标签: java android servlets

我正在尝试一个演示Android应用程序来连接servlet(本地服务器和aws实例),它给出了握手失败错误。我也试过过volley和http客户端。相关代码和logcat结果如下。目前我正在使用Android 7.1版和redmi 5A手机进行测试。

import android.support.v7.app.AppCompatActivity;
import android.os.Bundle;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.net.URL;
import java.net.URLConnection;
import android.app.Activity;
import android.os.Bundle;
import android.util.Log;
import android.view.View;
import android.view.View.OnClickListener;
import android.widget.Button;
import android.widget.EditText;
import android.widget.Toast;

public class MainActivity extends AppCompatActivity {

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
        execute();
    }

    void execute() {
        new Thread(new Runnable() {
            public void run() {
                try {
            URL url = new URL("https://192.168.0.7:9999/WebS/welcome/test");
            URLConnection connection = url.openConnection();

            String inputString = "hello server";
            //inputString = URLEncoder.encode(inputString, "UTF-8");

            Log.d("inputString", inputString);

            connection.setDoOutput(true);
            OutputStreamWriter out = new OutputStreamWriter(connection.getOutputStream());
            out.write(inputString);
            out.close();

            BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream()));
            Toast.makeText(MainActivity.this, in.toString(), Toast.LENGTH_LONG).show();

            in.close();
        } catch (Exception e) {
            Log.e("YOUR_APP_LOG_TAG", "I got an error", e);
        }
    }
}).start();}}

Logcat结果:

  

app_url E / YOUR_APP_LOG_TAG:我收到了一个错误消息                                                                                    javax.net.ssl.SSLHandshakeException:握手失败                                                                                         在   com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:429)                                                                                         在com.android.okhttp.Connection.connectTls(Connection.java:235)                                                                                         在com.android.okhttp.Connection.connectSocket(Connection.java:199)                                                                                         在com.android.okhttp.Connection.connect(Connection.java:172)                                                                                         在   com.android.okhttp.Connection.connectAndSetOwner(Connection.java:367)                                                                                         在   com.android.okhttp.OkHttpClient $ 1.connectAndSetOwner(OkHttpClient.java:130)                                                                                         在   com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:330)                                                                                         在   com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:247)                                                                                         在   com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:457)                                                                                         在   com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:126)                                                                                         在   com.android.okhttp.internal.huc.HttpURLConnectionImpl.getOutputStream(HttpURLConnectionImpl.java:257)                                                                                         在   com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.getOutputStream(DelegatingHttpsURLConnection.java:218)                                                                                         在   com.android.okhttp.internal.huc.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java)                                                                                         在      com.example.cg_dte.app_url.MainActivity $ 1.run(MainActivity.java:41)                                                                                         在java.lang.Thread.run(Thread.java:760)                                                                                      抑制:javax.net.ssl.SSLHandshakeException:握手失败                                                                                          ......还有15个                                                                                          抑制:javax.net.ssl.SSLHandshakeException:握手失败                                                                                              ......还有15个                                                                                          引起:javax.net.ssl.SSLProtocolException:SSL握手   aborted:ssl = 0x7fa2258640:SSL库失败,通常是协议   错误                                                                                     错误:100000f7:SSL例程:OPENSSL_internal:WRONG_VERSION_NUMBER   (external / boringssl / src / ssl / tls_record.c:192 0x7f94590e7e:0x00000000)                                                                                         在com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(原生   方法)                                                                                         在   com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:357)                                                                                                  ......还有14个                                                                                      引起:javax.net.ssl.SSLProtocolException:SSL握手中止:   ssl = 0x7fa2258640:SSL库失败,通常是协议错误                                                                                     错误:100000f7:SSL例程:OPENSSL_internal:WRONG_VERSION_NUMBER   (external / boringssl / src / ssl / tls_record.c:192 0x7f94590e7e:0x00000000)                                                                                         在com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(原生   方法)                                                                                         在   com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:357)                                                                                              ......还有14个                                                                                      引起:javax.net.ssl.SSLProtocolException:SSL握手中止:   ssl = 0x7fa2258640:SSL库失败,通常是协议错误                                                                                     错误:100000f7:SSL例程:OPENSSL_internal:WRONG_VERSION_NUMBER   (external / boringssl / src / ssl / tls_record.c:192 0x7f94590e7e:0x00000000)                                                                                         在com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(原生   方法)                                                                                         在   com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:357)                                                                                          ......还有14个

2 个答案:

答案 0 :(得分:1)

URL url = new URL("https://192.168.0.7:9999/WebS/welcome/test");

此URL还包含端口规范(端口9999)。确保SSL服务器实例(HTTPS协议)配置为在该端口上侦听,也许您是错误地连接到服务器的非SSL实例(HTTP协议)。

例如尝试使用不安全的URL url = new URL("http://192.168.0.7:9999/WebS/welcome/test");,以查看通信是否在该地址上使用HTTP协议。如果是,则需要连接到HTTPS的其他端口。最简单的选择是首先尝试使用默认的SSL端口(443),即只需删除端口号:URL url = new URL("https://192.168.0.7/WebS/welcome/test");

您也可以在自己喜欢的浏览器中尝试所有这些变种的url,以查看它的想法(我个人使用的是Firefox,带有指向HTTP的端口的url确实产生了关于错误证书长度的奇怪错误,等等。 ..一旦我将URL固定为指向HTTPS实例,firefox只会报告由于使用了自签名证书而导致的不安全连接,这是预期的并且可以理解的。

如果没有对移动应用程序进行进一步配置,则正确的HTTPS URL可能会因javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.而失败-如果您正在对本地服务器使用自签名证书。哪个是不同的问题,并且有很多文档说明如何处理(以及总体上如何固定证书,检查域名和创建安全连接)。

但是WRONG_VERSION_NUMBER (external/boringssl/src/ssl/tls_record.c:建议您无意中连接到服务器的未加密HTTP实例,然后SSL握手就完全混乱了。

答案 1 :(得分:0)

我有同样的问题,我可以通过从网址中删除's'来解决它。

请将网址更改为

URL url = new URL("http://192.168.0.7:9999/WebS/welcome/test");