CODEWITHSUNDEEP
javaandroidapachesslandroid-studio
chiliNUT
chiliNUT

Reputation: 19573

android - SSL problems in android studio emulator, works fine on phone

I have an app which makes calls to a web service over https. When I run the apk on my phone, it works great. However, in the emulator, all of the POST requests over SSL fail with:

Read error: ssl=0xb402be00: Failure in SSL library, usually a protocol error error:100c50bf:SSL routines:ssl3_read_bytes:NO_RENEGOTIATION (external/boringssl/src/ssl/s3_pkt.c:852 0xabf7fcd7:0x00000000)

In the access logs on our server, it reports a 403 (Forbidden) whenever the emulator tries to hit the webservice, apparantly because the emulator is not hand-shaking properly with our server. There a bunch of lines like this in apache's error log

[Thu Aug 20 12:21:21 2015] [error] [client xxx.xxx.xxx.xxx] Re-negotiation handshake failed: Not accepted by client!?

Apache actually added the "!?" so it looks like a seriously unexpected error.

In my IDE, I have ticked the option for "Accept non-trusted certificates automatically" but that doesn't make a difference.

I have seen solutions on the web for fixing various SSL issues in android, however, they all seem to be the phone itself having an issue, and require code modification. Since it works fine on the phone, it seems like this is an Android Studio problem, and I should be able to correct this with a configuration setting. Or maybe I have to do something in a apache?

Bottom line: How can I get my app to talk to an SSL webservice in the emulator in Android Studio?

Using Studio 1.3.1, Java 1.7.0_65, 

compileSdkVersion 21
buildToolsVersion "22.0.1"
defaultConfig {
    applicationId "com.bla.bla"
    minSdkVersion 14
    targetSdkVersion 19
    multiDexEnabled true
    versionCode 12
    versionName '1.2.0.8'

Upvotes: 8

Views: 12521

Answers (2)

GMLewisII
GMLewisII

Reputation: 366

I believe this is because the emulator will reset your CA Certificates each time it runs.

Checkout out this post on Setting up a persistent trusted CA in an Android emulator

Please be aware that the location of the CA Certs have changed in Marshmallow, I'll update with some additional information ASAP

Upvotes: 2

klimat
klimat

Reputation: 24991

I suggest you to trust the certificate from SSL protected server in runtime.

This approach is independent of the device configuration and works fine for phone and emulator as well.

I wrote small library to do so.

Read more about this topic on my blog post:

https://mklimek.github.io/trust-specific-certificate-on-jvm/

Upvotes: 1

Related Questions