Does the code work in the emulator with 2.3 and/or 3.0? A significant amount of work went into both the SSLSocket/OpenSSL code in 2.3 as well as HttpsURLConnection code, including proxy work.
If the problem is inherently something wrong in HttpsURLConnection in 2.1/2.2, I'd recommend trying Apache HTTP Client, there are usage examples in the open source tree as it is used by the Browser and Email in those releases. -bri On Tue, Mar 15, 2011 at 12:00 AM, swapnil kamble <[email protected]>wrote: > Hi All. I need some suggestion in resolving SSL handshake failure issue. > When trying to connect to HTTPS url using javax.net.ssl.HttpsURLConnection in > android with code below. I set the properties for proxy host, port and tried > opening https connection. >> >> >> >> >> props.setProperty("https.proxyHost","co.proxyserver.com"); >> props.setProperty("https.proxyPort","8000"); >> >> URL targetURL = new URL("https://www.fortify.net";); // >> http://www.fortify.net works properly >> >> >> >> >> HttpsURLConnection connection = (HttpsURLConnection) >> targetURL.openConnection(); >> //Proxy proxy = new Proxy(Proxy.Type.HTTP,new >> InetSocketAddress("co.proxyserver.com",8000));//Doesn't work either >> >> >> >> >> //connection = (HttpsURLConnection) targetURL.openConnection(proxy); >> //java.io.IOException: SSL handshake failure: I/O error during system call, >> Unknown error: 0 >> >> connection.connect(); >> >> >> The same code works perfectly fine when ran with jdk on desktop. >> >> >> >> >> There is something SSL protocol related error during ssl handshake in >> s23_clnt.c of openssl code. >> >> There are no issues in connecting to http URLs. >> >> >> *- Steps to reproduce * >> 1. Use the above code in an android activity >> >> >> >> >> 2. Run it behind the proxy by correctly replacing proxy host and port >> *- What happened.* >> 03-15 11:41:28.069: WARN/System.err(1312): java.io.IOException: SSL >> handshake failure: Failure in SSL library, usually a protocol error >> >> >> >> >> 03-15 11:41:28.069: WARN/System.err(1312): error:140770FC:SSL >> routines:SSL23_GET_SERVER_HELLO:unknown protocol >> (external/openssl/ssl/s23_clnt.c:597 0x80cfb51f:0x00000000) >> 03-15 11:41:28.069: WARN/System.err(1312): at >> org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.nativeconnect(Native >> Method) >> >> >> >> >> 03-15 11:41:28.069: WARN/System.err(1312): at >> org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:305) >> 03-15 11:41:28.069: WARN/System.err(1312): at >> org.apache.harmony.luni.internal.net.www.protocol.http.HttpConnection.getSecureSocket(HttpConnection.java:168) >> >> >> >> >> 03-15 11:41:28.070: WARN/System.err(1312): at >> org.apache.harmony.luni.internal.net.www.protocol.https.HttpsURLConnection$HttpsEngine.connect(HttpsURLConnection.java:404) >> 03-15 11:41:28.070: WARN/System.err(1312): at >> org.apache.harmony.luni.internal.net.www.protocol.https.HttpsURLConnection.connect(HttpsURLConnection.java:146) >> >> >> >> >> 03-15 11:41:28.091: WARN/System.err(1312): at >> com.android.proxytest.HttpProxyTest.javaHttpsRequest(HttpProxyTest.java:354) >> 03-15 11:41:28.092: WARN/System.err(1312): at >> com.android.proxytest.HttpProxyTest.access$800(HttpProxyTest.java:49) >> >> >> >> >> 03-15 11:41:28.092: WARN/System.err(1312): at >> com.android.proxytest.HttpProxyTest$8$1.run(HttpProxyTest.java:163) >> 03-15 11:41:28.092: WARN/System.err(1312): at >> java.lang.Thread.run(Thread.java:1096) >> >> This issue is there in both in eclair as well as froyo. Attached the code >> for reference. >> > Thanks >> Swapnil >> > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
