Menu
I have an app which makes calls to a web service over https. When I run the apk on my phone, it works great. However, in the emulator, all of the POST requests over SSL fail with:
Read error: ssl=0xb402be00: Failure in SSL library, usually a protocol error error:100c50bf:SSL routines:ssl3_read_bytes:NO_RENEGOTIATION (external/boringssl/src/ssl/s3_pkt.c:852 0xabf7fcd7:0x00000000)
In the access logs on our server, it reports a 403 (Forbidden) whenever the emulator tries to hit the webservice, apparantly because the emulator is not hand-shaking properly with our server. There a bunch of lines like this in apache's error log
[Thu Aug 20 12:21:21 2015] [error] [client xxx.xxx.xxx.xxx] Re-negotiation handshake failed: Not accepted by client!?
Apache actually added the "!?" so it looks like a seriously unexpected error.
In my IDE, I have ticked the option for "Accept non-trusted certificates automatically" but that doesn't make a difference.
I have seen solutions on the web for fixing various SSL issues in android, however, they all seem to be the phone itself having an issue, and require code modification. Since it works fine on the phone, it seems like this is an Android Studio problem, and I should be able to correct this with a configuration setting. Or maybe I have to do something in a apache?
Bottom line: How can I get my app to talk to an SSL webservice in the emulator in Android Studio?
Using Studio 1.3.1, Java 1.7.0_65,
compileSdkVersion 21
buildToolsVersion "22.0.1"
defaultConfig {
applicationId "com.bla.bla"
minSdkVersion 14
targetSdkVersion 19
multiDexEnabled true
versionCode 12
versionName '1.2.0.8'
290
Many times the reason for an SSL connection error is as simple as a mismatch between your device's and the web server's time & date. Especially when the dates are different. To fix this error all you need to do is to enable automatic time and date set up in the settings.
The most common cause of a "certificate not trusted" error is that the certificate installation was not properly completed on the server (or servers) hosting the site. Use our SSL Certificate tester to check for this issue. In the tester, an incomplete installation shows one certificate file and a broken red chain.
From Credential Storage Tab, click on Install from Phone Storage/Install from SD Card. A new file storage manager will appear. Now find the SSL certificate from your device. If it asks to enter the PKCS#12 password, add that password which was generated during SSL download process.
I believe this is because the emulator will reset your CA Certificates each time it runs.
Checkout out this post on Setting up a persistent trusted CA in an Android emulator
Please be aware that the location of the CA Certs have changed in Marshmallow, I'll update with some additional information ASAP
79
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
