Retrofit Https call give Connection reset

Question

I'm trying to use retrofit in my spring boot project to access a https call, but every time I run it, it gives

java.net.SocketException: Connection reset
    at java.net.SocketInputStream.read(SocketInputStream.java:209) ~[na:1.8.0_102]
    at java.net.SocketInputStream.read(SocketInputStream.java:141) ~[na:1.8.0_102]
    at sun.security.ssl.InputRecord.readFully(InputRecord.java:465) ~[na:1.8.0_102]
    at sun.security.ssl.InputRecord.read(InputRecord.java:503) ~[na:1.8.0_102]
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973) ~[na:1.8.0_102]
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) ~[na:1.8.0_102]
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) ~[na:1.8.0_102]
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) ~[na:1.8.0_102]
    at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.java:242) ~[okhttp-3.5.0.jar:na]
    at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.java:200) ~[okhttp-3.5.0.jar:na]
    at okhttp3.internal.connection.RealConnection.buildConnection(RealConnection.java:174) ~[okhttp-3.5.0.jar:na]
    at okhttp3.internal.connection.RealConnection.connect(RealConnection.java:114) ~[okhttp-3.5.0.jar:na]
    at okhttp3.internal.connection.StreamAllocation.findConnection(StreamAllocation.java:196) ~[okhttp-3.5.0.jar:na]
    at okhttp3.internal.connection.StreamAllocation.findHealthyConnection(StreamAllocation.java:132) ~[okhttp-3.5.0.jar:na]
    at okhttp3.internal.connection.StreamAllocation.newStream(StreamAllocation.java:101) ~[okhttp-3.5.0.jar:na]
    at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:42) ~[okhttp-3.5.0.jar:na]
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) ~[okhttp-3.5.0.jar:na]
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67) ~[okhttp-3.5.0.jar:na]
    at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:93) ~[okhttp-3.5.0.jar:na]
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) ~[okhttp-3.5.0.jar:na]
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67) ~[okhttp-3.5.0.jar:na]
    at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93) ~[okhttp-3.5.0.jar:na]
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) ~[okhttp-3.5.0.jar:na]
    at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:120) ~[okhttp-3.5.0.jar:na]
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) ~[okhttp-3.5.0.jar:na]
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67) ~[okhttp-3.5.0.jar:na]
    at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:179) ~[okhttp-3.5.0.jar:na]
    at okhttp3.RealCall.execute(RealCall.java:63) ~[okhttp-3.5.0.jar:na]
    at retrofit2.OkHttpCall.execute(OkHttpCall.java:174) ~[retrofit-2.1.0.jar:na]

My implementation is the following:

public static final Retrofit retrofit = new Retrofit.Builder().baseUrl(Utils.BASE_URL)
            .client(new OkHttpClient().newBuilder().retryOnConnectionFailure(true).connectTimeout(15, TimeUnit.SECONDS)
                    .readTimeout(50, TimeUnit.SECONDS).build())
            .addConverterFactory(GsonConverterFactory.create()).build();

and the call:

Service service = service.retrofit.create(Service.class);
Call<myObject> call = service.callService();
call.execute().body();

UPDATE I added -Djavax.net.debug=ssl:handshake:verbose to my jvm and I got the following output:

Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 for TLSv1.1
%% No cached client session
*** ClientHello, TLSv1.2
RandomCookie:  GMT: 1482447462 bytes = { 90, 39, 6, 215, 111, 143, 240, 128, 196, 112, 178, 59, 97, 245, 196, 32, 59, 178, 217, 232, 1, 178, 221, 33, 93, 26, 143, 120 }
Session ID:  {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA]
Compression Methods:  { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
Extension server_name, server_name: [type=host_name (0), value=api-test]
Extension renegotiation_info, renegotiated_connection: <empty>
***
http-nio-8080-exec-1, WRITE: TLSv1.2 Handshake, length = 189
http-nio-8080-exec-1, handling exception: java.net.SocketException: Connection reset
http-nio-8080-exec-1, SEND TLSv1.2 ALERT:  fatal, description = unexpected_message
http-nio-8080-exec-1, WRITE: TLSv1.2 Alert, length = 2
http-nio-8080-exec-1, Exception sending alert: java.net.SocketException: Broken pipe
http-nio-8080-exec-1, called closeSocket()
http-nio-8080-exec-1, called close()
http-nio-8080-exec-1, called closeInternal(true)

Answer 1

Changing the url from http to https fixed the issue for me. I was using http://testthesms.000webhostapp.com/...... instead of https://testthesms.000webhostapp.com..... Though some other request went through the http.

Answer 2

Change your url to HTTPS. It works for me