使用 Android WebViewClient 启用特定的 SSL 协议 [英] Enabling specific SSL protocols with Android WebViewClient
问题描述
我的应用程序使用 WebViewClient 与服务器建立 SSL 连接.服务器配置为仅接受 TLSv1.1 及以上协议.
My application uses WebViewClient to make SSL connections to the server.
The server is configured to only accept TLSv1.1 and above protocols.
- 在设备上使用 Android
WebViewClient时,如何检查 a) 支持哪些 SSL 协议和 b) 默认启用. - 如何为我的应用程序中使用的 Android WebViewClient 实例启用特定的 SSL 协议.
- How do I check which SSL protocols are a) Supported and b) Enabled by default when using Android
WebViewClienton a device. - How do I enable specific SSL protocols for Android WebViewClient instance used in my application.
在运行 Android 4.3 的其中一台测试设备上,WebViewClient 抛出带有以下描述的 onReceivedError 回调:
On one of the test devices running Android 4.3,
WebViewClient throws onReceivedError callback with the following description:
无法执行 SSL 握手"
"Failed to perform SSL handshake"
Chrome 日志如下:
Chrome logs are as follows:
01-29 15:58:00.073 5486 5525 W chromium_net: external/chromium/net/http/http_stream_factory_impl_job.cc:865: [0129/155800:WARNING:http_stream_factory_impl_job.cc(865)] Falling back to SSLv3 because host is TLS intolerant: 10.209.126.125:443 01-29 15:58:00.083 5486 5525 E chromium_net: external/chromium/net/socket/ssl_client_socket_openssl.cc:792: [0129/155800:ERROR:ssl_client_socket_openssl.cc(792)] handshake failed; returned 0, SSL error code 5, net_error -107
我的应用程序还使用 HttpClient 和 HttpsUrlConnection 类来设置 SSL 连接.在使用这些类时,我能够使用 SSLSocket API 来启用特定协议.http:///developer.android.com/reference/javax/net/ssl/SSLSocket.html#setEnabledProtocols(java.lang.String[])
My application also uses HttpClient and HttpsUrlConnection classes to setup SSL Connections. I was able to use SSLSocket API to enable specific protocols when using these classes.
http://developer.android.com/reference/javax/net/ssl/SSLSocket.html#setEnabledProtocols(java.lang.String[])
我需要对 WebViewClient 做同样的事情.
I need to do the same with WebViewClient.
推荐答案
根据文档,Android 中的 WebView 中不可能支持 TLS 1.0 <4.3.对于 Android 4.4,默认情况下是禁用的.
As per documenation it is NOT possible to support TLS 1.0 in WebView in Android < 4.3. For Android 4.4 it is disabled by default.
查看此图表以了解不同浏览器对 TLS 1.0 的支持:https://en.wikipedia.org/wiki/Transport_Layer_Security#Web_browsers
Check this chart for support of TLS 1.0 in different browsers: https://en.wikipedia.org/wiki/Transport_Layer_Security#Web_browsers
这篇关于使用 Android WebViewClient 启用特定的 SSL 协议的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
