0

I have android application which uses some POST methods from my Web server. And before 3 days my application was running smoothly on each android device. Today i have encountered with problem that my https POST calls works only on android device 6.0. verion. I have few more devices (5.0 and 4.3.x) and on them the same application can't establish communication with my WEB server. I have talked to hosting company which holds my Web server and they told me that they didn't changed a thing in the last three days. The strange thing is that same code works on api 23 but not on less api than that (tested 5.0. and 4.3.x). So my question is did something changed in the last three days that i didn't notice with https calls from android or what?

My code for making https call from android is below (AsyncTask)

protected String doInBackground(Object... params) {
    String param1="a";
    String param2 = "b";
    HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
    DefaultHttpClient client = new DefaultHttpClient();
    SchemeRegistry registry = new SchemeRegistry();
    SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
    socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
    //registry.register(new Scheme("http", socketFactory, 80));
    registry.register(new Scheme("https", socketFactory, 443));
    SingleClientConnManager mgr = new SingleClientConnManager(client.getParams(), registry);
    DefaultHttpClient httpclient = new DefaultHttpClient(mgr, client.getParams());

    // Set verifier
    HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);

    // Example send http request
    final String url = Config.url_login_async_task;
    HttpPost httppost = new HttpPost(url);

    try {
        // Add your data
        List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>(2);
        nameValuePairs.add(new BasicNameValuePair("param1", param1));
        nameValuePairs.add(new BasicNameValuePair("param2", param2));
        httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
        // Execute HTTP Post Request
        response = httpclient.execute(httppost);

    } catch (ClientProtocolException e) {
    } catch (IOException e) {
    }
    try {
        //Log.d("response", response.toString());
        odgovor = EntityUtils.toString(response.getEntity());
    } catch (ParseException e) {
        e.printStackTrace();
    } catch (IOException e) {
        e.printStackTrace();
    }
    return odgovor;
}

I am bit confused because application stopped working properly on some devices, on some not and i would like to know why is that.

EDIT : added project gradle

buildscript {
repositories {
    jcenter()
}
dependencies {
    classpath 'com.android.tools.build:gradle:1.3.0'

    // NOTE: Do not place your application dependencies here; they belong
    // in the individual module build.gradle files
  }
 }

allprojects {
repositories {
    jcenter()
}
}

Module Gradle

apply plugin: 'com.android.application'

android {

    compileSdkVersion 23
    buildToolsVersion "23.0.1"
    packagingOptions {
        exclude 'META-INF/DEPENDENCIES.txt'
        exclude 'META-INF/DEPENDENCIES'
        exclude 'META-INF/dependencies.txt'
        exclude 'META-INF/LICENSE.txt'
        exclude 'META-INF/LICENSE'
        exclude 'META-INF/license.txt'
        exclude 'META-INF/LGPL2.1'
        exclude 'META-INF/NOTICE.txt'
        exclude 'META-INF/NOTICE'
        exclude 'META-INF/notice.txt'
    }
    defaultConfig {
        applicationId "com.x.y.z"
        minSdkVersion 15
        targetSdkVersion 23
        versionCode 1
        versionName "1.0"
    }
    buildTypes {
        release {
            minifyEnabled false
            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
        }
    }
}
dependencies {
    compile fileTree(include: ['*.jar'], dir: 'libs')
    compile 'com.android.support:appcompat-v7:23.0.1'
    compile 'com.google.android.gms:play-services:7.8.0'
}

EDIT 2 :

Tried adding useLibrary 'org.apache.http.legacy' in android {} and all other solutions from other link and still nothing successful. I read about this "deprecated" apache library, and strange thing is that on devices lower than API 22 my app crashes (it should work because on those api lvls it should work) and on API 23 it works (and it shouldn't because on API 23 it's deprecated.

EDIT 3 : new error

After closer debug and hours spent trying to find error i come up with next error in my log

Failed to set EGL_SWAP_BEHAVIOR on surface 0xa379c740, error=EGL_SUCCESS javax.net.ssl.SSLPeerUnverifiedException: No peer certificate at com.android.org.conscrypt.SSLNullSession.getPeerCertificates(SSLNullSession.java:104) at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:98) at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:393) at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:170) at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:169) at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:124) at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:365) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:560) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:492) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:470)

Can someone try to explain me what happened on server with certificates that this error occurred?

KuKeC
  • 4,392
  • 5
  • 31
  • 60
  • perhaps http://stackoverflow.com/questions/29294479/android-deprecated-apache-module-httpclient-httpresponse-etc – TWL Nov 21 '16 at 19:19
  • Can you explain why app stopped working without any code changes? – KuKeC Nov 21 '16 at 19:34
  • 1
    Because of possible deprecation. I suggest you check out networking libraries like Volley, Retrofit, and OkHttp – Chisko Nov 21 '16 at 19:37
  • Your target api is 22 or below, correct? – Daniel Nugent Nov 21 '16 at 20:19
  • No, my target api is 23 and it works on api 23, but on lower api i can't run those post methods. – KuKeC Nov 21 '16 at 20:33
  • If your target api is 23, that code should not even compile. Did you recently change the target api to 23? – Daniel Nugent Nov 21 '16 at 20:47
  • @DanielNugent No, this is not changed for a long time, few months and i noticed that 3 days ago all was working fine, and today it stopped on lower api than 23. I will update my gradle of project and module in question. – KuKeC Nov 21 '16 at 20:59
  • I just don't get it how did stopped working just over few days? i would understand if i compiled yesterday new version of app and that "new" one don't work, but i had application on devices for 3,4 months and without any update of application or server it just stopped working. – KuKeC Nov 22 '16 at 08:02

1 Answers1

1

This issue based on HTTPS: Securityexception in server, Once update your SSL in hosting domain, u will get proper response, otherwise u will use the below code 

HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
DefaultHttpClient httpClient = new DefaultHttpClient();
SchemeRegistry registry = new SchemeRegistry();
SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
registry.register(new Scheme("https", socketFactory, 443));
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
SingleClientConnManager mgr = new SingleClientConnManager(httpClient.getParams(), registry);
DefaultHttpClient client = new DefaultHttpClient(mgr, httpClient.getParams());

// Set verifier
HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);

DefaultHttpClient client=new DefaultHttpClient();
HttpPost request = new HttpPost(url);
request.setEntity(new StringEntity(jobject.toString()));
request.setHeader("Content-type", "application/json");
HttpResponse response = client.execute(request);
HttpEntity resEntity = response.getEntity();
String json = EntityUtils.toString(resEntity);
KuKeC
  • 4,392
  • 5
  • 31
  • 60
Srinivas Keerthiprakasam
  • 885
  • 11
  • 29