javax.net.ssl.SSLException: SSL handshake aborted Connection reset by peer while calling webservice Android
I am calling https webservice and its works fine before, but now when i am trying to call it its give me following errors.
Log Errors :
12-23 06:28:11.969: W/System.err(3014): javax.net.ssl.SSLException: SSL handshake aborted: ssl=0x1cc160: I/O error during system call, Connection reset by peer
12-23 06:28:11.979: W/System.err(3014): at org.apache.harmony.xnet.provider.jsse.NativeCrypto.SSL_do_handshake(Native Method)
12-23 06:28:11.979: W/System.err(3014): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:474)
12-23 06:28:11.979: W/System.err(3014): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl$SSLInputStream.<init>(OpenSSLSocketImpl.java:750)
12-23 06:28:11.979: W/System.err(3014): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java:692)
12-23 06:28:11.979: W/System.err(3014): at crittercism.android.aa.getInputStream(Unknown Source)
12-23 06:28:11.979: W/System.err(3014): at org.apache.http.impl.io.SocketInputBuffer.<init>(SocketInputBuffer.java:93)
12-23 06:28:11.979: W/System.err(3014): at org.apache.http.impl.SocketHttpClientConnection.createSessionInputBuffer(SocketHttpClientConnection.java:83)
12-23 06:28:11.979: W/System.err(3014): at org.apache.http.impl.conn.DefaultClientConnection.createSessionInputBuffer(DefaultClientConnection.java:170)
12-23 06:28:11.979: W/System.err(3014): at org.apache.http.impl.SocketHttpClientConnection.bind(SocketHttpClientConnection.java:106)
12-23 06:28:11.979: W/System.err(3014): at org.apache.http.impl.conn.DefaultClientConnection.openCompleted(DefaultClientConnection.java:129)
12-23 06:28:11.979: W/System.err(3014): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:171)
12-23 06:28:11.989: W/System.err(3014): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
12-23 06:28:11.989: W/System.err(3014): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
12-23 06:28:11.989: W/System.err(3014): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:359)
12-23 06:28:11.989: W/System.err(3014): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)
12-23 06:28:11.989: W/System.err(3014): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)
12-23 06:28:11.989: W/System.err(3014): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)
I am using following code for calling https webservice.
public static void trustAllHosts() {
X509TrustManager easyTrustManager = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
// Oh, I am easy!
}
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
// Oh, I am easy!
}
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[] { easyTrustManager };
// Install the all-trusting trust manager
try {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection
.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception e) {
e.printStackTrace();
}
}
public static HttpClient getNewHttpClient() {
try {
KeyStore trustStore = KeyStore.getInstance(KeyStore
.getDefaultType());
trustStore.load(null, null);
SSLSocketFactory sf = new MySSLSocketFactory(trustStore);
sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory
.getSocketFactory(), 80));
registry.register(new Scheme("https", sf, 443));
ClientConnectionManager ccm = new ThreadSafeClientConnManager(
params, registry);
return new DefaultHttpClient(ccm, params);
} catch (Exception e) {
return new DefaultHttpClient();
}
}
MySSLSocketFactory.java
public class MySSLSocketFactory extends SSLSocketFactory {
SSLContext sslContext = SSLContext.getInstance("TLS");
public MySSLSocketFactory(KeyStore truststore)
throws NoSuchAlgorithmException, KeyManagementException,
KeyStoreException, UnrecoverableKeyException {
super(truststore);
TrustManager tm = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
sslContext.init(null, new TrustManager[] { tm }, null);
}
@Override
public Socket createSocket(Socket socket, String host, int port,
boolean autoClose) throws IOException, UnknownHostException {
return sslContext.getSocketFactory().createSocket(socket, host, port,
autoClose);
}
@Override
public Socket createSocket() throws IOException {
return sslContext.getSocketFactory().createSocket();
}
}
It is working fine before, but now it fails. There are no any changes made in server.
I already refered
- Android-Query - Random SSLExceptions
- Intermittent Connection Reset by Peer errors in Android connecting to .NET REST endpoint
- Android HTTPS exception Connection reset by peer
- Why is HttpUrlConnection throwing an SSLException while on a mobile data connection?
I have tested it in both wifi and mobile data. Application not works in both.
If anybody face this problem before then please help me to solve it.
Solution 1:
I also got the same exception. I found that it was due to TLS 1.0 protocol was not supported by server.
I observed that Android device, http connection fails to the server where TLS 1.0 is not supported. I searched every where about the bug, but did not find anything related to this problem. And the problem was solved, when the TLS 1.0 protocol support was added to the server.You can check your server / hostname protocol support using https://www.ssllabs.com/ssltest.
Solution 2:
There could be 2 reasons:
Certificates could be expired at client or server end.
Solution: Extend expiry date of existing certificate or Exhange new certificates.
Server port has been reset to some else port.
Solution: I have faced this port change problem, normally due to server maintenance or patch update, sometimes port of the service get change. Ask the person who has provided you the wsdl to regenerate wsdl on their server and check the port no whether it is matching with existing wsdl at client side or not. Most probably this would be the case here.
Solution 3:
We had this same issue starting this morning and got it solved.
SSL on IIS 8
- Every thing was working fine yesterday and last night our SSL was updated on the IIS site.
- While checking out the site Bindings to the SSL we noticed that IIS8 has a new checkbox "Require Server Name Indication", it was not checked so we proceeded to enable it.
- That triggered the problem.
- Went back to IIS, disabled the checkbox.... problem solved!
Solution 4:
I was having the same issue for some Android devices. Found the solution by IIS server settings.
Steps:
- Open IIS
- Select the site on which you are working
- Edit site binding
- Uncheck Required Server Name Identification
- Click OK
Reference screenshot:
Hope this would helps you.