连接被同行翻新关闭

时间:2019-08-07 08:51:26

标签: android

我开发了一个通过API与我的服务器通信的应用程序,并且我使用了Retrofit库,该应用程序在我的Kit-Kat移动设备上运行良好,但是现在我得到了 HTTP FAILED: javax.net.ssl.SSLHandshakeException: Connection closed by peer来自翻新记录器,我知道服务器无法执行任何操作 请帮助,谢谢前进

是否存在问题,因为我使用共享托管?

这是我在Logcat中得到的东西 Error

2 个答案:

答案 0 :(得分:0)

确保已从服务器端启用了TLS。

答案 1 :(得分:0)

某些Kit Kat设备根本没有启用或安装TLS 1.2。可以在后端使用旧版本,也可以在应用中启用它。

要添加对TLS 1.2的支持,您应该拥有Google Play服务,并可以在Application方法的onCreate类中执行此操作:

try {
    ProviderInstaller.installIfNeeded(this)
} catch (e: GooglePlayServicesRepairableException) {
    GoogleApiAvailability.getInstance().showErrorNotification(this, e.connectionStatusCode)
} catch (e: GooglePlayServicesNotAvailableException) {
    Timber.e(e)
}

要确保在所有设备上都启用了此功能,请使用:

class Tls12SocketFactory(private val delegate: SSLSocketFactory) : SSLSocketFactory() {
    companion object {
        private val trustManager by lazy {
            val trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm())
            trustManagerFactory.init(null as KeyStore?)
            trustManagerFactory.trustManagers
                .first { it is X509TrustManager } as X509TrustManager
        }

        fun OkHttpClient.Builder.enableTls12() = apply {
            if (Build.VERSION.SDK_INT < Build.VERSION_CODES.LOLLIPOP_MR1) {
                try {
                    val sslContext = SSLContext.getInstance(TlsVersion.TLS_1_2.javaName())
                    sslContext.init(null, arrayOf(trustManager), null)

                    sslSocketFactory(Tls12SocketFactory(sslContext.socketFactory), trustManager)
                } catch (e: Exception) {
                    Timber.e(e, "Error while setting TLS 1.2 compatibility")
                }
            }
        }
    }

    private fun Socket.patchForTls12(): Socket {
        return (this as? SSLSocket)?.apply {
            enabledProtocols += TlsVersion.TLS_1_2.javaName()
        } ?: this
    }

    override fun getDefaultCipherSuites(): Array<String> {
        return delegate.defaultCipherSuites
    }

    override fun getSupportedCipherSuites(): Array<String> {
        return delegate.supportedCipherSuites
    }

    @Throws(IOException::class)
    override fun createSocket(s: Socket, host: String, port: Int, autoClose: Boolean): Socket? {
        return delegate.createSocket(s, host, port, autoClose)
            .patchForTls12()
    }

    @Throws(IOException::class, UnknownHostException::class)
    override fun createSocket(host: String, port: Int): Socket? {
        return delegate.createSocket(host, port)
            .patchForTls12()
    }

    @Throws(IOException::class, UnknownHostException::class)
    override fun createSocket(host: String, port: Int, localHost: InetAddress, localPort: Int): Socket? {
        return delegate.createSocket(host, port, localHost, localPort)
            .patchForTls12()
    }

    @Throws(IOException::class)
    override fun createSocket(host: InetAddress, port: Int): Socket? {
        return delegate.createSocket(host, port)
            .patchForTls12()
    }

    @Throws(IOException::class)
    override fun createSocket(address: InetAddress, port: Int, localAddress: InetAddress, localPort: Int): Socket? {
        return delegate.createSocket(address, port, localAddress, localPort)
            .patchForTls12()
    }
}

然后在创建OkHttpClient时使用它,如下所示:

OkHttpClient.Builder()
            .enableTls12()
            .build()
相关问题
最新问题