SSLProtocolException:SSL握手终止:ssl = 0xce70fa40:SSL库失败,通常是协议错误

时间:2018-10-15 03:57:30

标签: java android ssl

对于Android 7.0和7.1,我的一台服务器出现以下错误

javax.net.ssl.SSLProtocolException: SSL handshake terminated: ssl=0xce70fa40: Failure in SSL library, usually a protocol error
error:10000410:SSL routines:OPENSSL_internal:SSLV3_ALERT_HANDSHAKE_FAILURE (external/boringssl/src/ssl/s3_pkt.c:610 0xcf5dfda0:0x00000001)
error:1000009a:SSL routines:OPENSSL_internal:HANDSHAKE_FAILURE_ON_CLIENT_HELLO (external/boringssl/src/ssl/s3_clnt.c:764 0xe3062196:0x00000000)

这也是我的http-client代码看起来像在android应用程序中调用服务器

OkHttpClient httpClient = new OkHttpClient();

Request request = new Request.Builder().url(urlStr).build();

Response response = httpClient.newCall(request).execute();

Map<String, List<String>> headers = response.headers().toMultimap();
byte[] contents = null;

contents = response.body().toString().getBytes();

我尝试了SO提到的所有可能的解决方案,但是没有任何效果。如果我回到Android 6.0及更低版本,一切似乎都可以正常工作。我不确定这是否是密码套件问题。我将尝试抓住一个wireshark网络握手并将其发布在这里。

有人有什么主意吗?

nmap提供了有关密码套件的信息

PORT    STATE SERVICE
XXX/tcp open  snpp
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|       TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C
|       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
|     compressors:
|       NULL
|     cipher preference: server
|     warnings:
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|       Broken cipher RC4 is deprecated by RFC 7465
|       Ciphersuite uses MD5 for message integrity
|   TLSv1.1:
|     ciphers:
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|       TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C
|       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
|     compressors:
|       NULL
|     cipher preference: server
|     warnings:
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|       Broken cipher RC4 is deprecated by RFC 7465
|       Ciphersuite uses MD5 for message integrity
|   TLSv1.2:
|     ciphers:
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
|     compressors:
|       NULL
|     cipher preference: server
|     warnings:
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|       Broken cipher RC4 is deprecated by RFC 7465
|_  least strength: C

0 个答案:

没有答案
相关问题
最新问题