我使用OkHttp作为Retrofit的客户端。 我无法点击某个https网址。 此服务器仅支持TLS 1.0,并且以下密码为TLS_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_RC4_128_MD5
这是我如何实例化我的OkHttpClient:
OkHttpClient client = new OkHttpClient(); try { // Create a trust manager that does not validate certificate chains final TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() { @Override public void checkClientTrusted( java.security.cert.X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkServerTrusted( java.security.cert.X509Certificate[] chain, String authType) throws CertificateException { } @Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } }}; // Install the all-trusting trust manager final SSLContext sslContext = SSLContext.getInstance("TLSv1"); sslContext.init(null, trustAllCerts, new java.security.SecureRandom()); // Create an ssl socket factory with our all-trusting manager final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory(); client.setSslSocketFactory(sslSocketFactory); client.setHostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { return true; } }); } catch (Exception e) { throw new RuntimeException(e); } return client; }我的应用程序不断抛出此异常:
javax.net.ssl.SSLProtocolException:SSL握手中止:ssl = 0x9742f000:SSL库失败,通常是协议错误错误:14077410:SSL例程:SSL23_GET_SERVER_HELLO:sslv3警报握手失败(external / openssl / ssl / s23_clnt.c:770 0xab9fcc4d:00000000)
I am using OkHttp as the client in Retrofit. I am unable to hit a certain https url. This server supports TLS 1.0 only and the following ciphers TLS_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_RC4_128_MD5
Here's how I am instantiating my OkHttpClient:
OkHttpClient client = new OkHttpClient(); try { // Create a trust manager that does not validate certificate chains final TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() { @Override public void checkClientTrusted( java.security.cert.X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkServerTrusted( java.security.cert.X509Certificate[] chain, String authType) throws CertificateException { } @Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } }}; // Install the all-trusting trust manager final SSLContext sslContext = SSLContext.getInstance("TLSv1"); sslContext.init(null, trustAllCerts, new java.security.SecureRandom()); // Create an ssl socket factory with our all-trusting manager final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory(); client.setSslSocketFactory(sslSocketFactory); client.setHostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { return true; } }); } catch (Exception e) { throw new RuntimeException(e); } return client; }And my app keeps throwing this exception:
javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x9742f000: Failure in SSL library, usually a protocol error error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:770 0xab9fcc4d:0x00000000)
最满意答案
自OkHttp v2.3( 发行说明 )以来,OkHttp不再支持其默认配置中的RC4。 您可以使用ConnectionSpec ( javadoc )来启用它, ConnectionSpecTest.java ( 源代码 )显示了一些示例。
OkHttp no longer supports RC4 in its default config since OkHttp v2.3 (release notes). You can use the ConnectionSpec (javadoc) to enable it, the ConnectionSpecTest.java (source code) shows some examples.
更多推荐
发布评论