我的API仅支持以下CipherSuits
(发现这个与ssllab帮助)如何添加特定TLSv1.2工作CipherSuits与OkHttp支持 - Android 4.4的奇巧(API 19)
TLSv1.2
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - OkHttp: yes
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - OkHttp: yes
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - OkHttp: yes
TLS_DHE_RAS_WITH_AES_128_GCM_SHA256 - OkHttp: no
所有这些都支持作为上看到SSLSocket
Android的API 20+我试图adding support for TLSv1.2到OkHttp但是,我仍然可以照常错误
HTTP FAILED: javax.net.ssl.SSLHandshakeException: com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException: Could not validate certificate: null
然后我加入那些CipherSuits
到ConnectionSpec
和在Android API 21和上述失败
ConnectionSpec cs = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
.tlsVersions(TlsVersion.TLS_1_2)
.cipherSuites(
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
)
.build();
HTTP FAILED: java.net.UnknownServiceException: Unable to find acceptable protocols. isFallback=false, modes=[ConnectionSpec(cipherSuites=[TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384], tlsVersions=[TLS_1_2], supportsTlsExtensions=true)], supported protocols=[TLSv1.2]
连接工作正常。
那么是否有可能为这些CipherSuits
添加支持?
检查这一项https://stackoverflow.com/a/46025698/8009433 –
感谢,不知道为什么人正在向下投票 –
检查我的答案 –