1

I have exceptions while login into a https web site using HttpsURLConnection after updating to Android 5.0 lollipop. (It worked well in android 4.4 kitkat)

05-08 02:18:12.277  32344-32482/com.soonoo.mobilecampus E/INFO﹕ javax.net.ssl.SSLHandshakeException: Handshake failed

I've read the article about android 5.0's changes. (http://developer.android.com/about/versions/android-5.0-changes.html#ssl)

It seems that I should add some cipher suites required by a server.

Can anyone please give me some advice/code about how to add cipher suites to HttpsURLConnection? I tried below answer but didn't work for me... (Which Cipher Suites to enable for SSL Socket?)

I used below code to connect: 

        HttpsURLConnection con = (HttpsURLConnection) new URL(Sites.LOGIN_URL).openConnection();
        con.setRequestMethod("POST");
        con.setRequestProperty("Content-length", String.valueOf(loginQuery.length()));
        con.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
        con.setRequestProperty("User-Agent", "Mozilla/4.0 (compatible; MSIE 5.0;Windows98;DigExt)");
        con.setDoOutput(true);
        con.setDoInput(true);

        DataOutputStream output = new DataOutputStream(con.getOutputStream());
        output.writeBytes(loginQuery);
        output.close();
Community
  • 1
  • 1
soonoo
  • 867
  • 1
  • 10
  • 35

1 Answers1

0

You cannot add cipher suites to a client. I suggest using an online tool like Qualys SSL Labs' SSL Server test to check what cipher suites are supported by the server. If the server does not support any cipher suite that Android 5 supports, I'm afraid there isn't much you can do from a client side.

Anand Bhat
  • 5,591
  • 26
  • 30
  • Thank you for your answer. There exists only one cipher suite that `android 5.0` and `server` support. (`TLS_RSA_WITH_RC4_128_MD5`) Same exception, however still occurs. Do you know why? – soonoo May 08 '15 at 08:50