[英]javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x7fa2258640: Failure in SSL library, usually a protocol error
[英]SSL handshake aborted: ssl=0x74d2dc46c8: Failure in SSL library, usually a protocol error OPENSSL_internal:SSLV3_ALERT_HANDSHAKE_FAILURE
在改造中,我在請求中發送 XML,在響應中服務器將發送 XML 作為響應。 我正在使用代理來使用該 API。 但我總是得到 - HTTP 失敗:java.io.IOException:null 上的流意外結束。 我已經嘗試過 stackoverflow 中提到的解決方案,但沒有任何效果。 以下代碼用於改造客戶端 -
fun getRetrofitClient(context: Context): RestAPI {
if (mRetrofitClient == null) {
val cf: CertificateFactory = CertificateFactory.getInstance("X.509")
val cert: InputStream = context.getResources().openRawResource(R.raw.mycert)
val ca: Certificate
ca = try {
cf.generateCertificate(cert)
} finally {
cert.close()
}
val keyStoreType: String = KeyStore.getDefaultType()
val keyStore: KeyStore = KeyStore.getInstance(keyStoreType)
keyStore.load(null, null)
keyStore.setCertificateEntry("ca", ca)
val proxy = Proxy(Proxy.Type.HTTP, InetSocketAddress("xxxx.xx.xx.xx",xxxx ))
val tmfAlgorithm: String = TrustManagerFactory.getDefaultAlgorithm()
val tmf: TrustManagerFactory = TrustManagerFactory.getInstance(tmfAlgorithm)
tmf.init(keyStore)
val sslContext: SSLContext = SSLContext.getInstance("TLSv1.2")
sslContext.init(null, tmf.getTrustManagers(), null)
val spec = ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
.tlsVersions(TlsVersion.TLS_1_2)
.cipherSuites(
CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA,
CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA
)
.build()
val httpClient = OkHttpClient.Builder()
.followRedirects(true)
.followSslRedirects(true)
.connectTimeout(10, TimeUnit.MINUTES)
.readTimeout(10, TimeUnit.MINUTES)
.writeTimeout(10, TimeUnit.MINUTES)
.sslSocketFactory(socketFactory)
.socketFactory(socketFactory)
.hostnameVerifier(getHostnameVerifier())
.retryOnConnectionFailure(true)
.proxy(proxy)
.connectionSpecs(Collections.singletonList(spec))
val retrofit = Retrofit.Builder()
.baseUrl("https://xxx.xx.xx.xx:xxxx/xx/")
.addConverterFactory(SimpleXmlConverterFactory.create())
.client(httpClient.build())
.build()
mRetrofitClient = retrofit.create(RestAPI::class.java!!)
}
return mRetrofitClient!!
}
fun getHostnameVerifier(): HostnameVerifier? {
return object : HostnameVerifier {
override fun verify(hostname: String?, session: SSLSession?): Boolean {
return true
}
}
}
以下代碼用於 Rest API -
interface RestAPI {
@Headers("Content-Type: text/xml","Connection: keep-alive","Transfer-Encoding: chunked","Cache-Control: no-cache","Accept: */*","Host: xxx.xx.xx.xx:xxxx","Accept-Encoding: gzip, deflate, br")
@POST("BillQuery/V1.0")
abstract fun billQuery(@Body input:String): Call<String>
}
我也試過截擊,同樣的問題。 但它在 Postman 中運行良好。 我添加了像郵遞員一樣的標題。 還是不行。
請幫忙。
unexpected end of stream
可以通過okhttp或拋出如果響應報頭不能被解析,如果在響應頭的長度Content-Length
不與反應體的實際長度匹配時(見HTTP FAILED:java.io. IOException:在發出 https 請求時意外結束流異常)。
在您的情況下,okhttp 想要將未加密的連接發送到 HTTP 代理,並且在這一步無法解析代理響應中的響應頭,我猜。 代理給 okhttp 一個無效的答案。 您可以嘗試使用郵遞員通過 HTTP 連接到代理嗎?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.