0

I'm making an app for Android 4.4 and above, and I'm trying to do an https request, I first tried with Retrofit and it gives me this:

V/error: javax.net.ssl.SSLHandshakeException: Handshake failed

I thoug it was something about the Retrofit API, but later I tried with Volley and it gives me this:

SSL handshake aborted: ssl=0xf311e9c8: Failure in SSL library, usually a protocol error
                                                          error:10000410:SSL routines:OPENSSL_internal:SSLV3_ALERT_HANDSHAKE_FAILURE (third_party/openssl/boringssl/src/ssl/tls_record.cc:562 0xd4fba9c8:0x00000001)
                                                          error:1000009a:SSL routines:OPENSSL_internal:HANDSHAKE_FAILURE_ON_CLIENT_HELLO (third_party/openssl/boringssl/src/ssl/handshake.cc:464 0xd7936bd8:0x00000000)
12-29 16:37:53.551 13763-14823/xxx.xxx.xx I/qtaguid: Untagging socket 47
12-29 16:37:53.571 13763-13763/xxx.xx.xx V/error: javax.net.ssl.SSLHandshakeException: Handshake failed

In fact, is the same issue, I don't know if I need add something to my app, due this request works perfectly with postman.

The weird thing is, before we migrate the services to the new server, I was working with a server with HTTP and it works perfectly. I don't know what I must add about security to my app.

lightless07
  • 401
  • 6
  • 17
  • have you tried with device and emulator? do you have charles, or any other proxy service, running on the android device? – TooManyEduardos Dec 29 '17 at 23:21
  • @TooManyEduardos I'm working with an android device, I haven't proxies running or anything else.. – lightless07 Dec 30 '17 at 00:31
  • sorry for the delay. do you own the server? is it possible that this is a valid SSL error coming from the server or dns? – TooManyEduardos Jan 01 '18 at 05:28
  • @TooManyEduardos don’t worry. Appears like the server has disabled the SSLv3 and it’s really weird, due there’s an iPhone app and web site that works with that server, I my mi Android app cannot. – lightless07 Jan 01 '18 at 05:44
  • that "might" mean that the iOS version is set to bypass the https security issues. you can do that in Android too, although it is obviously not recommended – TooManyEduardos Jan 01 '18 at 05:47

0 Answers0