启用了Android WebViewClient具体的SSL协议 [英] Enabling specific SSL protocols with Android WebViewClient
问题描述
我的应用程序使用WebViewClient使SSL连接到服务器。 服务器被配置为仅接受TLSv1.1和上述协议
My application uses WebViewClient to make SSL connections to the server. The server is configured to only accept TLSv1.1 and above protocols.
1)如何检查的SSL协议是一个)支持和b)在设备上采用了Android WebViewClient时,默认情况下启用。
2)如何启用特定的SSL协议在我的应用程序使用的Android WebViewClient实例。
1) How do I check which SSL protocols are a) Supported and b) Enabled by default when using Android WebViewClient on a device.
2) How do I enable specific SSL protocols for Android WebViewClient instance used in my application.
在运行Android 4.3的测试设备之一,
WebViewClient抛出onReceivedError回调说明无法执行SSL握手
铬日志如下:
01-29 15:58:00.073 5486 5525W¯¯chromium_net:外部/铬/ NET / HTTP / http_stream_factory_impl_job.cc:865:0129/155800:警告:http_stream_factory_impl_job.cc(865)回落至SSLv3的,因为主机是TLS不耐:10.209.126.125:443 01-29 15:58:00.083 5486 5525Ëchromium_net:外部/铬/ NET /插座/ ssl_client_socket_openssl.cc:792:0129/155800:ERROR:ssl_client_socket_openssl.cc(792)]握手失败;返回0,SSL错误code 5,net_error -107
On one of the test devices running Android 4.3,
WebViewClient throws onReceivedError callback with description "Failed to perform SSL handshake"
Chrome logs are as follows:
01-29 15:58:00.073 5486 5525 W chromium_net: external/chromium/net/http/http_stream_factory_impl_job.cc:865: [0129/155800:WARNING:http_stream_factory_impl_job.cc(865)] Falling back to SSLv3 because host is TLS intolerant: 10.209.126.125:443 01-29 15:58:00.083 5486 5525 E chromium_net: external/chromium/net/socket/ssl_client_socket_openssl.cc:792: [0129/155800:ERROR:ssl_client_socket_openssl.cc(792)] handshake failed; returned 0, SSL error code 5, net_error -107
我的应用程序也使用的HttpClient和HttpsUrlConnection课程设置SSL连接。我能使用SSLSocket API使用这些类时启用特定的协议。 <一href="http://developer.android.com/reference/javax/net/ssl/SSLSocket.html#setEnabledProtocols(java.lang.String[])">http://developer.android.com/reference/javax/net/ssl/SSLSocket.html#setEnabledProtocols(java.lang.String[])
My application also uses HttpClient and HttpsUrlConnection classes to setup SSL Connections. I was able to use SSLSocket API to enable specific protocols when using these classes. http://developer.android.com/reference/javax/net/ssl/SSLSocket.html#setEnabledProtocols(java.lang.String[])
我需要与WebViewClient这样做。
I need to do the same with WebViewClient.
推荐答案
如果您的应用程序使用,或者你愿意用,谷歌播放服务,您可以在旧的手机使用新的安全功能,通过安装其提供。它很容易安装,只有一条线(加异常处理等)。您还需要添加谷歌游戏服务,您的摇篮文件,如果您还没有拥有它。 ProviderInstaller 包含在 - 基包。
If your app is using, or you are willing to use, Google Play services, you can use newer security features on older phones by installing their Provider. It is easy to install, only one line (plus exception handling, etc). You will also need to add google play services to your gradle file if you do not already have it. ProviderInstaller is included in the -base package.
try {
ProviderInstaller.installIfNeeded(this);
} catch (GooglePlayServicesRepairableException e) {
// Fix it
} catch (GooglePlayServicesNotAvailableException e) {
// Skip it
}
有关完整的示例,请参见更新您的安全提供程序,以防止SSL漏洞从谷歌。
For a full example, see "Updating Your Security Provider to Protect Against SSL Exploits" from Google.
这篇关于启用了Android WebViewClient具体的SSL协议的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
