Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

android - SSL problems in android studio emulator, works fine on phone

I have an app which makes calls to a web service over https. When I run the apk on my phone, it works great. However, in the emulator, all of the POST requests over SSL fail with:

Read error: ssl=0xb402be00: Failure in SSL library, usually a protocol error error:100c50bf:SSL routines:ssl3_read_bytes:NO_RENEGOTIATION (external/boringssl/src/ssl/s3_pkt.c:852 0xabf7fcd7:0x00000000)

In the access logs on our server, it reports a 403 (Forbidden) whenever the emulator tries to hit the webservice, apparantly because the emulator is not hand-shaking properly with our server. There a bunch of lines like this in apache's error log

[Thu Aug 20 12:21:21 2015] [error] [client xxx.xxx.xxx.xxx] Re-negotiation handshake failed: Not accepted by client!?

Apache actually added the "!?" so it looks like a seriously unexpected error.

In my IDE, I have ticked the option for "Accept non-trusted certificates automatically" but that doesn't make a difference.

I have seen solutions on the web for fixing various SSL issues in android, however, they all seem to be the phone itself having an issue, and require code modification. Since it works fine on the phone, it seems like this is an Android Studio problem, and I should be able to correct this with a configuration setting. Or maybe I have to do something in a apache?

Bottom line: How can I get my app to talk to an SSL webservice in the emulator in Android Studio?

Using Studio 1.3.1, Java 1.7.0_65,

compileSdkVersion 21
buildToolsVersion "22.0.1"
defaultConfig {
    applicationId "com.bla.bla"
    minSdkVersion 14
    targetSdkVersion 19
    multiDexEnabled true
    versionCode 12
    versionName '1.2.0.8'
like image 290
chiliNUT Avatar asked Aug 20 '15 19:08

chiliNUT


People also ask

Why does my phone keep saying SSL connection error?

Many times the reason for an SSL connection error is as simple as a mismatch between your device's and the web server's time & date. Especially when the dates are different. To fix this error all you need to do is to enable automatic time and date set up in the settings.

Why is my SSL certificate not working?

The most common cause of a "certificate not trusted" error is that the certificate installation was not properly completed on the server (or servers) hosting the site. Use our SSL Certificate tester to check for this issue. In the tester, an incomplete installation shows one certificate file and a broken red chain.

How do I enable SSL on my Android?

From Credential Storage Tab, click on Install from Phone Storage/Install from SD Card. A new file storage manager will appear. Now find the SSL certificate from your device. If it asks to enter the PKCS#12 password, add that password which was generated during SSL download process.


1 Answers

I believe this is because the emulator will reset your CA Certificates each time it runs.

Checkout out this post on Setting up a persistent trusted CA in an Android emulator

Please be aware that the location of the CA Certs have changed in Marshmallow, I'll update with some additional information ASAP

like image 79
GMLewisII Avatar answered Oct 05 '22 03:10

GMLewisII