SSLHandshakeException on Android 4.4 and lower

Question

I have a problem when I want to connect with Paypal Rest API with POST method. When I am not using modernhttpclient I got error

The authentication or decryption has failed. 

But when I am using modernhttpclient it work in Android API 23 (Marshmallow) and when I test in Android API 19 (device) and Android API 16 (emulator) I got error

ex {Javax.Net.Ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=…} Javax.Net.Ssl.SSLHandshakeException

According to ssl handshake exception android I need to use custom socket factory. But how can I implement it in HttpClient or modernHttpClient?

Answer 1

Not sure if I can fully answer your question, but I'll give it a try:

If you analyze the Paypal REST API endpoint, for example with SSL Labs like so https://www.ssllabs.com/ssltest/analyze.html?d=api.sandbox.paypal.com&hideResults=on, you see they only support the TLS 1.2 protocol.

Now Android does support this since API Level 16, as you can see here https://developer.android.com/reference/javax/net/ssl/SSLSocket.html, but it is disabled by default and only in API Levels 20+ they enabled it.

In the Xamarin forums someone posted a solution for enabling TLS 1.2 for Android with API Levels 16 to 19 by forking ModernHttpClient and adding an improved SSL socket factory: https://forums.xamarin.com/discussion/63005/modernhttpclient-tls-1-2-android-api-19

This should fix your issue with those Android versions, but it will not help you with versions before Android 4.1.