It is a Java problem and you can try the new BouncyCastle JSSE Provider to get modern ciphers on older Android.
Gruss Bernd -- http://bernd.eckenfels.net ________________________________ From: Jacky.Lam <jacky....@bbpos.com> Sent: Monday, April 3, 2017 5:12:49 AM To: httpclient-users@hc.apache.org Subject: TLSv1.2 with cipher SHA256/384 Hi all, I am absolutely dummy on SSL stuff. Please forgive me if I am confused with some basic concept. Currently, I am developing an Android application using the legacy apache library to connect a HTTPS server which only accept TLSv1.2 and the cipher on this list (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-policy-table.html) I find my app working well on Android 5.0+, but not the one with 4.4.2. After searching the web, I know I need to explicitly enable TLSv1.2. But I find the cipher returned only contains those ended with SHA, but not SHA256/384 that TLSv1.2 required. I tried to update the apache library to 4.4.1.1 (maintained by Marek Sebera). But I find the cipher is still the same. Is this a OS problem? Can httpclient library override that? Any suggestion or comment are welcomed. Thanks a lot. BR, Jacky [http://www.bbpos.com/images/marketing/signature_banner.jpg]<http://bbpos.com>
