CODEWITHSUNDEEP
javaandroidsslretrofitretrofit2
nmfzone
nmfzone

Reputation: 2903

Failed to connect to HTTPS using Retrofit 2 in Android < 21

So, I've tried to connect my API https://api.*****.id that use TLS v1.2 (Let's Encrypt) through my Android.

Everything works as normal when using Android > 20, but when using Android < 21 the android monitor says:

W/dalvikvm: VFY: unable to find class referenced in signature (Ljava/nio/file/Path;)
W/dalvikvm: VFY: unable to find class referenced in signature ([Ljava/nio/file/OpenOption;)
I/dalvikvm: Could not find method java.nio.file.Files.newOutputStream, referenced from method okio.Okio.sink
W/dalvikvm: VFY: unable to resolve static method 23633: Ljava/nio/file/Files;.newOutputStream (Ljava/nio/file/Path;[Ljava/nio/file/OpenOption;)Ljava/io/OutputStream;
D/dalvikvm: VFY: replacing opcode 0x71 at 0x000a
W/dalvikvm: VFY: unable to find class referenced in signature (Ljava/nio/file/Path;)
W/dalvikvm: VFY: unable to find class referenced in signature ([Ljava/nio/file/OpenOption;)
I/dalvikvm: Could not find method java.nio.file.Files.newInputStream, referenced from method okio.Okio.source
W/dalvikvm: VFY: unable to resolve static method 23632: Ljava/nio/file/Files;.newInputStream (Ljava/nio/file/Path;[Ljava/nio/file/OpenOption;)Ljava/io/InputStream;
D/dalvikvm: VFY: replacing opcode 0x71 at 0x000a
D/Error: java.net.ConnectException: Failed to connect to api.*****.id/64:ff9b::8b3b:eb77:443

I've implemented the TLSSocketFactory from here https://gist.github.com/fkrauthan/ac8624466a4dee4fd02f

Then have used it something like this:

httpClient = new OkHttpClient.Builder();

ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
                .tlsVersions(TlsVersion.TLS_1_2, TlsVersion.TLS_1_1)
                .build();

if (Build.VERSION.SDK_INT < 21) {
     X509TrustManager trustManager = TLSPatch.systemDefaultTrustManager();
     httpClient.sslSocketFactory(new TLSPatch.TLSSocketFactory(), trustManager);
}

httpClient.connectionSpecs(Collections.singletonList(spec))
     .readTimeout(60, TimeUnit.SECONDS);

Is anyone have issue something like this?

Upvotes: 1

Views: 1685

Answers (1)

nmfzone
nmfzone

Reputation: 2903

Whoops, I think, I found the problem.

Because my API uses cipher AES_256_GCM, I think SSL handshake always failed (behind the scene). So, instead uses cipher AES_256_GCM, I changed it to AES_128_GCM.

And this is my config https://gist.github.com/nmfzone/d175d66752a0c1e1f460fd559b62546f.

Then, my code works properly. Actually, without custom SSLSocketFactory in Android < 21 should also work.

Upvotes: 1

Related Questions