java - javax.net.ssl.SSLException: SSL handshake aborted Connection reset by peer while calling webservice Android

Question

I am calling https webservice and its works fine before, but now when i am trying to call it its give me following errors.

Log Errors :

12-23 06:28:11.969: W/System.err(3014): javax.net.ssl.SSLException: SSL handshake aborted: ssl=0x1cc160: I/O error during system call, Connection reset by peer
12-23 06:28:11.979: W/System.err(3014):     at org.apache.harmony.xnet.provider.jsse.NativeCrypto.SSL_do_handshake(Native Method)
12-23 06:28:11.979: W/System.err(3014):     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:474)
12-23 06:28:11.979: W/System.err(3014):     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl$SSLInputStream.<init>(OpenSSLSocketImpl.java:750)
12-23 06:28:11.979: W/System.err(3014):     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java:692)
12-23 06:28:11.979: W/System.err(3014):     at crittercism.android.aa.getInputStream(Unknown Source)
12-23 06:28:11.979: W/System.err(3014):     at org.apache.http.impl.io.SocketInputBuffer.<init>(SocketInputBuffer.java:93)
12-23 06:28:11.979: W/System.err(3014):     at org.apache.http.impl.SocketHttpClientConnection.createSessionInputBuffer(SocketHttpClientConnection.java:83)
12-23 06:28:11.979: W/System.err(3014):     at org.apache.http.impl.conn.DefaultClientConnection.createSessionInputBuffer(DefaultClientConnection.java:170)
12-23 06:28:11.979: W/System.err(3014):     at org.apache.http.impl.SocketHttpClientConnection.bind(SocketHttpClientConnection.java:106)
12-23 06:28:11.979: W/System.err(3014):     at org.apache.http.impl.conn.DefaultClientConnection.openCompleted(DefaultClientConnection.java:129)
12-23 06:28:11.979: W/System.err(3014):     at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:171)
12-23 06:28:11.989: W/System.err(3014):     at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
12-23 06:28:11.989: W/System.err(3014):     at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
12-23 06:28:11.989: W/System.err(3014):     at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:359)
12-23 06:28:11.989: W/System.err(3014):     at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)
12-23 06:28:11.989: W/System.err(3014):     at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)
12-23 06:28:11.989: W/System.err(3014):     at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)

I am using following code for calling https webservice.

public static void trustAllHosts() {

        X509TrustManager easyTrustManager = new X509TrustManager() {

            public void checkClientTrusted(X509Certificate[] chain,
                    String authType) throws CertificateException {
                // Oh, I am easy!
            }

            public void checkServerTrusted(X509Certificate[] chain,
                    String authType) throws CertificateException {
                // Oh, I am easy!
            }

            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

        };

        // Create a trust manager that does not validate certificate chains
        TrustManager[] trustAllCerts = new TrustManager[] { easyTrustManager };

        // Install the all-trusting trust manager
        try {
            SSLContext sc = SSLContext.getInstance("TLS");

            sc.init(null, trustAllCerts, new java.security.SecureRandom());

            HttpsURLConnection
                    .setDefaultSSLSocketFactory(sc.getSocketFactory());

        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public static HttpClient getNewHttpClient() {
        try {
            KeyStore trustStore = KeyStore.getInstance(KeyStore
                    .getDefaultType());
            trustStore.load(null, null);

            SSLSocketFactory sf = new MySSLSocketFactory(trustStore);
            sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

            HttpParams params = new BasicHttpParams();
            HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
            HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);

            SchemeRegistry registry = new SchemeRegistry();
            registry.register(new Scheme("http", PlainSocketFactory
                    .getSocketFactory(), 80));
            registry.register(new Scheme("https", sf, 443));

            ClientConnectionManager ccm = new ThreadSafeClientConnManager(
                    params, registry);

            return new DefaultHttpClient(ccm, params);
        } catch (Exception e) {
            return new DefaultHttpClient();
        }
    }

MySSLSocketFactory.java

public class MySSLSocketFactory extends SSLSocketFactory {
    SSLContext sslContext = SSLContext.getInstance("TLS");

    public MySSLSocketFactory(KeyStore truststore)
            throws NoSuchAlgorithmException, KeyManagementException,
            KeyStoreException, UnrecoverableKeyException {
        super(truststore);

        TrustManager tm = new X509TrustManager() {
            public void checkClientTrusted(X509Certificate[] chain,
                    String authType) throws CertificateException {
            }

            public void checkServerTrusted(X509Certificate[] chain,
                    String authType) throws CertificateException {
            }

            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        };

        sslContext.init(null, new TrustManager[] { tm }, null);
    }

    @Override
    public Socket createSocket(Socket socket, String host, int port,
            boolean autoClose) throws IOException, UnknownHostException {
        return sslContext.getSocketFactory().createSocket(socket, host, port,
                autoClose);
    }

    @Override
    public Socket createSocket() throws IOException {
        return sslContext.getSocketFactory().createSocket();
    }
}

It is working fine before, but now it fails. There are no any changes made in server.

I already refered

1. Android-Query - Random SSLExceptions
2. Intermittent Connection Reset by Peer errors in Android connecting to .NET REST endpoint
3. Android HTTPS exception Connection reset by peer
4. Why is HttpUrlConnection throwing an SSLException while on a mobile data connection?

I have tested it in both wifi and mobile data. Application not works in both.

If anybody face this problem before then please help me to solve it.

Answer 1

I also got the same exception. I found that it was due to TLS 1.0 protocol was not supported by server.

I observed that Android device, http connection fails to the server where TLS 1.0 is not supported. I searched every where about the bug, but did not find anything related to this problem. And the problem was solved, when the TLS 1.0 protocol support was added to the server.You can check your server / hostname protocol support using https://www.ssllabs.com/ssltest.