1

D/OkHttp: <-- HTTP FAILED: javax.net.ssl.SSLException: SSL handshake aborted: ssl=0x64e3c938: I/O error during system call, Connection reset by peer

I'm getting this error on an Android 4.2.2 device. While running the same application on other devices, it works fine. Please Help.

public static Retrofit getClient(final Context context, final Server newServer) {
    if(retrofit == null || server == null || !getServer().equals(newServer) || tok != null) {
            HttpLoggingInterceptor loggingInterceptor = new HttpLoggingInterceptor();
        loggingInterceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
        OkHttpClient.Builder okHttpClient = new OkHttpClient()
            .newBuilder().addInterceptor(loggingInterceptor);

        okHttpClient.addInterceptor( new Interceptor() {
                @Override
                public Response intercept(Chain chain) throws IOException {
                  String hh=tok.replace("\"", "");  //For removing the " from the token
                    Request newRequest = chain
                            .request()
                            .newBuilder()
                            .addHeader(HTTP_AUTH_HEADER,"Bearer " + hh) //token use for the Authentication.
                            .build();
                    return chain.proceed(newRequest);
                }
            });


        retrofit = new Retrofit.Builder()
                .baseUrl(getBaseUrl(context, server))
                .addConverterFactory(GsonConverterFactory.create())
                .client(okHttpClient.build())
                .build();
    }
    return retrofit;
}
private static String getBaseUrl(Context context, Server newServer) {
    StringBuilder builder = new StringBuilder();
    server = newServer; // update server address
    if(server != null && server.getAddress() != null) {
        return builder.append(server.getAddress()).toString();
    } else { // set default address
        return builder.append(BuildConfig.SERVER_ADDRESS).toString();
    }
}
}
Alex Taylor
  • 8,343
  • 4
  • 25
  • 40
Neeraj Upadhyay
  • 85
  • 4
  • 8

1 Answers1

1

Android 4.4 and Lower devices don't have default TLSv1.2 support. So, you need to make it manually.

First write down the following method.

    public static OkHttpClient.Builder enableTls12OnPreLollipop(OkHttpClient.Builder client) {
    if (Build.VERSION.SDK_INT < 22) {
        try {
            SSLContext sc = SSLContext.getInstance("SSL");
            SSLContext sc = SSLContext.getInstance("SSL");
            sc.init(null, trustAllCerts, new java.security.SecureRandom());
            client.sslSocketFactory(new Tls12SocketFactory(sc.getSocketFactory()), (X509TrustManager) trustAllCerts[0]);

            ConnectionSpec cs = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
                    .tlsVersions(TlsVersion.TLS_1_2)
                    .build();

            ConnectionSpec csslv3 = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
                    .tlsVersions(TlsVersion.SSL_3_0)
                    .build();

            List<ConnectionSpec> specs = new ArrayList<>();
            specs.add(cs);
            specs.add(csslv3);
            specs.add(ConnectionSpec.COMPATIBLE_TLS);
            specs.add(ConnectionSpec.CLEARTEXT);

            client.connectionSpecs(specs);
        } catch (Exception exc) {
            Log.e("OkHttpTLSCompat", "Error while setting TLS 1.2", exc);
        }
    }
    return client;
}

Now after this line OkHttpClient.Builder okHttpClient = new OkHttpClient().newBuilder().addInterceptor(loggingInterceptor); add the following code.

okHttpClient = enableTls12OnPreLollipop(okHttpClient);

I hope it will solve your problem.

Zahidul Islam
  • 3,180
  • 1
  • 25
  • 35