0

I've got this error while trying to connect to prozis.com website through Jsoup in android 4.2.2, but failing because the site only accepts TLS 1.2. I've done some reading and I found it's a problem with the SSLv3 protocol not being enabled by default in this version of android. But as I'm using Jsoup, I can't extend the main class and use a custom SSLSocketFactory class. Is there some other way to disable SSLv3 or force TLS1.x in android 4?

String url;
@Override
protected Document doInBackground(String... params) {
    this.url = params[0];
    Document resultDocument = null;
    try {
        resultDocument = Jsoup
                .connect(url)
                .validateTLSCertificates(false)
                .userAgent(userAgent)
                .timeout(NET_TIMEOUT)
                .maxBodySize(0) //sem limite de tamanho do doc recebido
                .get();

    } catch (IOException e) {
        e.printStackTrace();
    }
    return resultDocument;


09-29 01:45:51.662 3447-3471 W/System.err: javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb835f708: Failure in SSL library, usually a protocol error
09-29 01:45:51.662 3447-3471 W/System.err: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x9db03901:0x00000000)
09-29 01:45:51.662 3447-3471 W/System.err:     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:420)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpConnection.setupSecureSocket(HttpConnection.java:209)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.makeSslConnection(HttpsURLConnectionImpl.java:478)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:442)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpEngine.sendSocketRequest(HttpEngine.java:290)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpEngine.sendRequest(HttpEngine.java:240)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:81)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:165)
09-29 01:45:51.674 3447-3471 W/System.err:     at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:652)
09-29 01:45:51.674 3447-3471 W/System.err:     at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:629)
09-29 01:45:51.674 3447-3471 W/System.err:     at org.jsoup.helper.HttpConnection.execute(HttpConnection.java:261)
09-29 01:45:51.674 3447-3471 W/System.err:     at org.jsoup.helper.HttpConnection.get(HttpConnection.java:250)
09-29 01:45:51.674 3447-3471 W/System.err:     at com.cruz.sergio.myproteinpricechecker.VoucherFragment$GetPRZVouchersAsync.doInBackground(VoucherFragment.java:195)
09-29 01:45:51.674 3447-3471 W/System.err:     at com.cruz.sergio.myproteinpricechecker.VoucherFragment$GetPRZVouchersAsync.doInBackground(VoucherFragment.java:186)
09-29 01:45:51.674 3447-3471 W/System.err:     at android.os.AsyncTask$2.call(AsyncTask.java:287)
09-29 01:45:51.674 3447-3471 W/System.err:     at java.util.concurrent.FutureTask.run(FutureTask.java:234)
09-29 01:45:51.674 3447-3471 W/System.err:     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1080)
09-29 01:45:51.674 3447-3471 W/System.err:     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:573)
09-29 01:45:51.674 3447-3471 W/System.err:     at java.lang.Thread.run(Thread.java:856)
09-29 01:45:51.674 3447-3471 W/System.err: Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb835f708: Failure in SSL library, usually a protocol error
09-29 01:45:51.674 3447-3471 W/System.err: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x9db03901:0x00000000)
09-29 01:45:51.674 3447-3471 W/System.err:     at org.apache.harmony.xnet.provider.jsse.NativeCrypto.SSL_do_handshake(Native Method)
09-29 01:45:51.674 3447-3471 W/System.err:     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:378)
09-29 01:45:51.674 3447-3471 W/System.err:  ... 18 more
09-29 01:45:51.682 3447-3465 W/System.err: javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb836c108: Failure in SSL library, usually a protocol error
09-29 01:45:51.682 3447-3465 W/System.err: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x9db03901:0x00000000)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:420)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpConnection.setupSecureSocket(HttpConnection.java:209)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.makeSslConnection(HttpsURLConnectionImpl.java:478)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:442)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpEngine.sendSocketRequest(HttpEngine.java:290)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpEngine.sendRequest(HttpEngine.java:240)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:81)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:165)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:652)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:629)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.jsoup.helper.HttpConnection.execute(HttpConnection.java:261)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.jsoup.helper.HttpConnection.get(HttpConnection.java:250)
09-29 01:45:51.682 3447-3465 W/System.err:     at com.cruz.sergio.myproteinpricechecker.NewsFragment$GetPRZNewsAsync.doInBackground(NewsFragment.java:346)
09-29 01:45:51.682 3447-3465 W/System.err:     at com.cruz.sergio.myproteinpricechecker.NewsFragment$GetPRZNewsAsync.doInBackground(NewsFragment.java:328)
09-29 01:45:51.682 3447-3465 W/System.err:     at android.os.AsyncTask$2.call(AsyncTask.java:287)
09-29 01:45:51.682 3447-3465 W/System.err:     at java.util.concurrent.FutureTask.run(FutureTask.java:234)
09-29 01:45:51.682 3447-3465 W/System.err:     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1080)
09-29 01:45:51.682 3447-3465 W/System.err:     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:573)
09-29 01:45:51.682 3447-3465 W/System.err:     at java.lang.Thread.run(Thread.java:856)
09-29 01:45:51.682 3447-3465 W/System.err: Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb836c108: Failure in SSL library, usually a protocol error
09-29 01:45:51.682 3447-3465 W/System.err: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x9db03901:0x00000000)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.apache.harmony.xnet.provider.jsse.NativeCrypto.SSL_do_handshake(Native Method)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:378)

09-29 01:45:51.682 3447-3465 W/System.err: ... 18 more

Improve this question
2
  • You need to disable the SSLv2 handshake, not SSLv3. Commented Sep 29, 2017 at 2:52
  • How can I disable SSLv2 for Jsoup connections? or is there some other system command to achieve that? Commented Sep 29, 2017 at 11:17

2 Answers 2

Reset to default
1

Found out how to make this work using NetCipher library. Answer from another question answered by Hans-Christoph Steiner: https://stackoverflow.com/a/32466614/6723008

In the build.gradle (app module) file include the NetCipher compile dependency, latest version is 1.2:

compile 'info.guardianproject.netcipher:netcipher:1.2'

(Or you can download the netcipher-1.2.jar and include it directly in your app.)

Usage: 

HttpsURLConnection netCipherconnection = NetCipher.getHttpsURLConnection(url);
netCipherconnection.connect();

BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(netCipherconnection.getInputStream()));
StringBuilder stringBuilder = new StringBuilder();
String stringHTML;
while ((stringHTML = bufferedReader.readLine()) != null)
    stringBuilder.append(stringHTML);
bufferedReader.close();
Document resultDocument = Jsoup.parse(String.valueOf(stringBuilder));
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Not working for me, the same error: Handshake failed. Working like charm on simulator though.
0

try this work as well make SSLHelper at first

key word : Jsoup SSl SSLHandshakeException

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.X509TrustManager;

/**
 * Created by Javad on 2017-12-05 at 8:29 PM.
 */
public class SSLHelper {

  public static void enableSSLSocket() throws KeyManagementException, NoSuchAlgorithmException {
    HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
      public boolean verify(String hostname, SSLSession session) {
        return true;
      }
    });

    SSLContext context = SSLContext.getInstance("TLS");
    context.init(null, new X509TrustManager[]{new X509TrustManager() {
      public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
      }

      public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
      }

      public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
      }
    }}, new SecureRandom());
    HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
  }
}

then conncet to your Server like this :

    private void connectToServer() {
  new Thread(new Runnable() {
    @Override
    public void run() {
      try {
        SSLHelper.enableSSLSocket();
        Connection.Response response = Jsoup
          .connect("https://URL")
          .method(Connection.Method.POST)
          .data("KEY", "VALUE")
          .validateTLSCertificates(true)
          .followRedirects(true)
          .execute();
        Log.i("response", response.toString());
        Log.i("response", response.headers().toString());
        Log.i("response", response.body());

        Document doc = response.parse();
        String result = doc.body().text();

      } catch (IOException e) {
        e.printStackTrace();
        G.toast("ERROR !");
      } catch (java.security.NoSuchAlgorithmException | java.security.KeyManagementException e) {
        e.printStackTrace();
      }
    }
  }).start();
}
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.