我正在运行本地服务器(Android应用内的嵌入式https服务器),它使用.bks(自签名证书类型)。当Android应用程序尝试使用ssl进行连接时,会出现以下错误。 在这里,您还可以看到服务器日志,其中打印已启用的密码套件以及已启用的协议。 当我尝试使用java执行相同的测试用例时,一切都很完美。 只是,问题出现在android中。任何帮助将不胜感激。 Android 7.0版 最低SDK:22
I've already googled a lot with the following URL's but none of them helped me.
https://github.com/nelenkov/custom-cert-https/issues/1
https://stackoverflow.com/questions/11117486/wrong-version-of-keystore-on-android-call
http://blog.crazybob.org/2010/02/android-trusting-ssl-certificates.html
https://stackoverflow.com/questions/11963852/wrong-version-of-key-store-error-how-can-i-create-a-version-1-keystore-certif/16050758
https://stackoverflow.com/questions/39275309/ssl-handshake-excetion-failure-in-ssl-library-usually-a-protocol-error
https://github.com/k9mail/k-9/issues/2146
http://callistaenterprise.se/blogg/teknik/2011/11/24/android-tlsssl-mutual-authentication/
https://developer.android.com/reference/java/security/KeyStore.html
https://developer.android.com/training/articles/security-ssl.html#nogotofail
https://developer.android.com/reference/javax/net/ssl/SSLSocket.html
https://www.synyx.de/blog/android-and-self-signed-ssl-certificates/
https://github.com/johnjohndoe/CampFahrplan/pull/1
https://blog.dev-area.net/2015/08/13/android-4-1-enable-tls-1-1-and-tls-1-2/
https://github.com/johnjohndoe/CampFahrplan/pull/1/files/06d3a93ca91bfe070fdd88fe8bf7b66b6ef6b5ba#diff-838fbd8111b382e1820f9f90e38407a1
https://stackoverflow.com/questions/7416096/android-webview-not-loading-an-https-url
https://stackoverflow.com/questions/29916962/javax-net-ssl-sslhandshakeexception-javax-net-ssl-sslprotocolexception-ssl-han
=======================================================
I/System.out: [Mon Mar 26 12:05:14 PDT 2018] TJWS httpd :: - ServerSocket[addr=::/::,localport=9161] is listening.
I/TJWSService: [2018-03-26 12:05:15.4 PDT] INFO [TJWSService(639)] - Serve running:true
I/TJWSService: [2018-03-26 12:05:15.4 PDT] INFO [TJWSService(639)] - TJWSServer has started!!!
D/SplashActivity: [2018-03-26 12:05:15.4 PDT] DEBUG [SplashActivity(655)] - com.rslakra.android.framework.events.AndroidEvent@58dc649
I/System.out: (HTTPLog)-Static: isSBSettingEnabled false
I/System.out: (HTTPLog)-Static: isSBSettingEnabled false
I/System.out: [Mon Mar 26 12:05:15 PDT 2018] enabledCipherSuites:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
I/System.out: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
I/System.out: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
I/System.out: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
I/System.out: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
I/System.out: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
I/System.out: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
I/System.out: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
I/System.out: TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256
I/System.out: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
I/System.out: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
I/System.out: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
I/System.out: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
I/System.out: TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
I/System.out: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
I/System.out: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
I/System.out: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
I/System.out: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
I/System.out: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
I/System.out: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
I/System.out: TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
I/System.out: TLS_DHE_RSA_WITH_AES_128_CBC_SHA
I/System.out: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
I/System.out: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
I/System.out: TLS_ECDHE_RSA_WITH_RC4_128_SHA
I/System.out: TLS_RSA_WITH_AES_256_GCM_SHA384
I/System.out: TLS_RSA_WITH_AES_128_GCM_SHA256
I/System.out: TLS_RSA_WITH_AES_256_CBC_SHA
I/System.out: TLS_RSA_WITH_AES_256_CBC_SHA256
I/System.out: TLS_PSK_WITH_AES_256_CBC_SHA
I/System.out: TLS_RSA_WITH_AES_128_CBC_SHA
I/System.out: TLS_RSA_WITH_AES_128_CBC_SHA256
I/System.out: TLS_PSK_WITH_AES_128_CBC_SHA
I/System.out: SSL_RSA_WITH_RC4_128_SHA
I/System.out: TLS_PSK_WITH_RC4_128_SHA
I/System.out: SSL_RSA_WITH_RC4_128_MD5
I/System.out: SSL_RSA_WITH_3DES_EDE_CBC_SHA
I/System.out: TLS_EMPTY_RENEGOTIATION_INFO_SCSV
I/System.out: TLS_FALLBACK_SCSV
I/System.out: [Mon Mar 26 12:05:15 PDT 2018] enabledProtocols:TLSv1
I/System.out: TLSv1.1
I/System.out: TLSv1.2
I/System.out: [Mon Mar 26 12:05:15 PDT 2018]
I/System.out: javax.net.ssl.SSLHandshakeException: Handshake failed
I/System.out: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:444)
I/System.out: at com.android.org.conscrypt.OpenSSLSocketImpl.waitForHandshake(OpenSSLSocketImpl.java:713)
I/System.out: at com.android.org.conscrypt.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java:675)
I/System.out: at Acme.Serve.Serve$ServeConnection.<init>(Serve.java:2209)
I/System.out: at Acme.Serve.Serve.serve(Serve.java:991)
I/System.out: at com.rslakra.android.server.TJWSService$3.run(TJWSService.java:484)
I/System.out: Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x7fa6b56a00: Failure in SSL library, usually a protocol error
I/System.out: error:100000b8:SSL routines:OPENSSL_internal:NO_SHARED_CIPHER (external/boringssl/src/ssl/s3_srvr.c:1059 0x7fa503e253:0x00000000)
I/System.out: at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
I/System.out: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:364)
I/System.out: ... 5 more
I/System.out: [Mon Mar 26 12:05:15 PDT 2018] enabledCipherSuites:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
I/System.out: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
I/System.out: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
I/System.out: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
I/System.out: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
I/System.out: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
I/System.out: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
I/System.out: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
I/System.out: TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256
I/System.out: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
I/System.out: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
I/System.out: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
I/System.out: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
I/System.out: TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
I/System.out: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
I/System.out: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
I/System.out: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
I/System.out: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
I/System.out: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
I/System.out: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
I/System.out: TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
I/System.out: TLS_DHE_RSA_WITH_AES_128_CBC_SHA
I/System.out: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
I/System.out: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
I/System.out: TLS_ECDHE_RSA_WITH_RC4_128_SHA
I/System.out: TLS_RSA_WITH_AES_256_GCM_SHA384
I/System.out: TLS_RSA_WITH_AES_128_GCM_SHA256
I/System.out: TLS_RSA_WITH_AES_256_CBC_SHA
I/System.out: TLS_RSA_WITH_AES_256_CBC_SHA256
I/System.out: TLS_PSK_WITH_AES_256_CBC_SHA
I/System.out: TLS_RSA_WITH_AES_128_CBC_SHA
I/System.out: TLS_RSA_WITH_AES_128_CBC_SHA256
I/System.out: TLS_PSK_WITH_AES_128_CBC_SHA
I/System.out: SSL_RSA_WITH_RC4_128_SHA
I/System.out: TLS_PSK_WITH_RC4_128_SHA
I/System.out: SSL_RSA_WITH_RC4_128_MD5
I/System.out: SSL_RSA_WITH_3DES_EDE_CBC_SHA
I/System.out: TLS_EMPTY_RENEGOTIATION_INFO_SCSV
I/System.out: TLS_FALLBACK_SCSV
I/System.out: [Mon Mar 26 12:05:15 PDT 2018] enabledProtocols:TLSv1
I/System.out: TLSv1.1
I/System.out: TLSv1.2
I/System.out: [Mon Mar 26 12:05:15 PDT 2018]
I/System.out: javax.net.ssl.SSLHandshakeException: Handshake failed
I/System.out: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:444)
I/System.out: at com.android.org.conscrypt.OpenSSLSocketImpl.waitForHandshake(OpenSSLSocketImpl.java:713)
I/System.out: at com.android.org.conscrypt.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java:675)
I/System.out: at Acme.Serve.Serve$ServeConnection.<init>(Serve.java:2209)
I/System.out: at Acme.Serve.Serve.serve(Serve.java:991)
I/System.out: at com.rslakra.android.server.TJWSService$3.run(TJWSService.java:484)
I/System.out: Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x7fa6b56a00: Failure in SSL library, usually a protocol error
I/System.out: error:1000009d:SSL routines:OPENSSL_internal:INAPPROPRIATE_FALLBACK (external/boringssl/src/ssl/ssl_lib.c:1475 0x7fa503e253:0x00000000)
I/System.out: at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
I/System.out: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:364)
I/System.out: ... 5 more
I/System.out: [Mon Mar 26 12:05:15 PDT 2018] enabledCipherSuites:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
I/System.out: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
I/System.out: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
I/System.out: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
I/System.out: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
I/System.out: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
I/System.out: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
I/System.out: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
I/System.out: TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256
I/System.out: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
I/System.out: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
I/System.out: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
I/System.out: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
I/System.out: TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
I/System.out: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
I/System.out: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
I/System.out: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
I/System.out: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
I/System.out: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
I/System.out: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
I/System.out: TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
I/System.out: TLS_DHE_RSA_WITH_AES_128_CBC_SHA
I/System.out: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
I/System.out: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
I/System.out: TLS_ECDHE_RSA_WITH_RC4_128_SHA
I/System.out: TLS_RSA_WITH_AES_256_GCM_SHA384
I/System.out: TLS_RSA_WITH_AES_128_GCM_SHA256
I/System.out: TLS_RSA_WITH_AES_256_CBC_SHA
I/System.out: TLS_RSA_WITH_AES_256_CBC_SHA256
I/System.out: TLS_PSK_WITH_AES_256_CBC_SHA
I/System.out: TLS_RSA_WITH_AES_128_CBC_SHA
I/System.out: TLS_RSA_WITH_AES_128_CBC_SHA256
I/System.out: TLS_PSK_WITH_AES_128_CBC_SHA
I/System.out: SSL_RSA_WITH_RC4_128_SHA
I/System.out: TLS_PSK_WITH_RC4_128_SHA
I/System.out: SSL_RSA_WITH_RC4_128_MD5
I/System.out: SSL_RSA_WITH_3DES_EDE_CBC_SHA
I/System.out: TLS_EMPTY_RENEGOTIATION_INFO_SCSV
I/System.out: TLS_FALLBACK_SCSV
I/System.out: [Mon Mar 26 12:05:15 PDT 2018] enabledProtocols:TLSv1
I/System.out: TLSv1.1
I/System.out: TLSv1.2
I/System.out: [Mon Mar 26 12:05:15 PDT 2018]
I/System.out: javax.net.ssl.SSLHandshakeException: Handshake failed
I/System.out: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:444)
I/System.out: at com.android.org.conscrypt.OpenSSLSocketImpl.waitForHandshake(OpenSSLSocketImpl.java:713)
I/System.out: at com.android.org.conscrypt.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java:675)
I/System.out: at Acme.Serve.Serve$ServeConnection.<init>(Serve.java:2209)
I/System.out: at Acme.Serve.Serve.serve(Serve.java:991)
I/System.out: at com.rslakra.android.server.TJWSService$3.run(TJWSService.java:484)
I/System.out: Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x7fa6b56a00: Failure in SSL library, usually a protocol error
I/System.out: error:1000009d:SSL routines:OPENSSL_internal:INAPPROPRIATE_FALLBACK (external/boringssl/src/ssl/ssl_lib.c:1475 0x7fa503e253:0x00000000)
I/System.out: at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
I/System.out: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:364)
I/System.out: ... 5 more
E/TestConnection: [2018-03-26 12:05:15.5 PDT] ERROR [TestConnection(704)] - Handshake failed
javax.net.ssl.SSLHandshakeException: Handshake failed
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:444)
at com.android.okhttp.Connection.connectTls(Connection.java:1510)
at com.android.okhttp.Connection.connectSocket(Connection.java:1458)
at com.android.okhttp.Connection.connect(Connection.java:1413)
at com.android.okhttp.Connection.connectAndSetOwner(Connection.java:1700)
at com.android.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:133)
at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:466)
at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:371)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:503)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.getResponse(HttpURLConnectionImpl.java:438)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.getInputStream(HttpURLConnectionImpl.java:247)
at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.getInputStream(DelegatingHttpsURLConnection.java:210)
at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java)
at com.rslakra.android.tjwsasapp.TestConnection.testSSLConnection(TestConnection.java:198)
at com.rslakra.android.tjwsasapp.SplashActivity.startMainActivity(SplashActivity.java:109)
at com.rslakra.android.tjwsasapp.SplashActivity.onEvent(SplashActivity.java:77)
at com.rslakra.android.framework.events.EventManager$EventHandler.handleMessage(EventManager.java:363)
at android.os.Handler.dispatchMessage(Handler.java:102)
at android.os.Looper.loop(Looper.java:154)
at android.os.HandlerThread.run(HandlerThread.java:61)
Suppressed: javax.net.ssl.SSLHandshakeException: Handshake failed
... 20 more
Suppressed: javax.net.ssl.SSLHandshakeException: Handshake failed
... 20 more
Caused by: javax.net.ssl.SSLProtocolException: SSL handshake terminated: ssl=0x7fa0949e00: Failure in SSL library, usually a protocol error
error:10000410:SSL routines:OPENSSL_internal:SSLV3_ALERT_HANDSHAKE_FAILURE (external/boringssl/src/ssl/s3_pkt.c:641 0x7f91215060:0x00000001)
error:1000009a:SSL routines:OPENSSL_internal:HANDSHAKE_FAILURE_ON_CLIENT_HELLO (external/boringssl/src/ssl/s3_clnt.c:800 0x7fa503e253:0x00000000)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:364)
... 19 more
Caused by: javax.net.ssl.SSLProtocolException: SSL handshake terminated: ssl=0x7fa0949e00: Failure in SSL library, usually a protocol error
error:1000043e:SSL routines:OPENSSL_internal:TLSV1_ALERT_INAPPROPRIATE_FALLBACK (external/boringssl/src/ssl/s3_pkt.c:641 0x7f91215060:0x00000001)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:364)
... 19 more
Caused by: javax.net.ssl.SSLProtocolException: SSL handshake terminated: ssl=0x7fa0949e00: Failure in SSL library, usually a protocol error
error:1000043e:SSL routines:OPENSSL_internal:TLSV1_ALERT_INAPPROPRIATE_FALLBACK (external/boringssl/src/ssl/s3_pkt.c:641 0x7f91215060:0x00000001)
at com.android.org.conscrypt.NativeCrypto.SSL_do_hands`enter code here`hake(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:364)
... 19 more
答案 0 :(得分:0)
经过大量研究后,我发现此问题是由于无效的.bks文件引起的。我试图使用keytool和openssl来生成.bks文件,但它们都不适用于我。最后,我使用了&#34; portecle-1.11&#34;它对我有用。