[android-developers] Re: SSL from Android
Doing a little recycling, but I have found that I can produce the broken pipe exception on a 1.6 Developer Phone (G1). Am connecting fine both http & https. The problem occurs on the first connection after the phone was brought back from "sleep". Redoing gets it working again. Does not reproduce on a 1.6 emulator. Is this a problem not occurring in later versions, or should I be doing something in one of the Onxxx() methods? Thanks! On Tuesday, November 23, 2010 2:55:43 PM UTC-5, Anm wrote: > > > What is the preferred way to do SSL on Android? > > Coming from a long time Java background, I have tended to jump to a > https protocol URLConnection: > > // URL connection channel. > HttpURLConnection url_connnection = > (HttpURLConnection)url.openConnection(); > > // Let the RTS know that we want to do output. > url_connnection.setDoOutput( true ); > > // No caching, we want the real thing. > url_connnection.setUseCaches( false ); > > // Send POST output. > if( post_params!=null && !post_params.isEmpty() ) { > uploadPostParameters( post_params, url_connnection ); > } > > // Get Input > input_stream = url_connection.getInputStream(); > > > > But this code is running into all sorts of problems on varying > platforms and OS versions: > javax.net.ssl.SSLException: Write error: ssl=0x8f548: I/O error > during system call, Broken pipe > Empty string responses (no error thrown) with no sign of an external > connection on the server logs > java.io.IOException: SSL handshake failure: I/O error during system > call, Connection reset by peer > java.io.IOException: SSL handshake failure: Failure in SSL library, > usually a protocol error >error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown > protocol (external/openssl/ssl/s23_clnt.c:585 0xaf58a49b:0x) > > The first two usually go away by repeating it (which is consistent > with Android issue 8625). The handshake exceptions do not seem to go > away once present. > > > To be clear, this is not a self-signed certificate on my SSL server. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: SSL from Android
You probably want to consider secure web services based. The Jt Design Pattern Framework already implements secure web services for Android: a) Java Pattern Oriented Framework, An application of the Messaging Design Pattern IBM Technical Library http://www.ibm.com/developerworks/webservices/library/ws-designpattern/index.html b) Messaging Design Pattern (MDP) and pattern implementation - Published in the 17th conference on Pattern Languages of Programs (PLoP 2010). https://jt.dev.java.net/files/documents/5553/150311/designPatterns.pdf c) Messaging Design Pattern and a distributed Component/Service Model https://jt.dev.java.net/files/documents/5553/149793/MDPdistributedModel.pdf Jt web services for Android provide encryption and authentication. They are also based on a messaging approach which allow for selective encryption of messages. This improves performance. The documentation contains several working examples (Certificates, symmetric/Asymmetric encryption, session key, etc). On Nov 23, 2:55 pm, Anm wrote: > What is the preferred way to do SSL on Android? > > Coming from a long time Java background, I have tended to jump to a > https protocol URLConnection: > > // URL connection channel. > HttpURLConnection url_connnection = > (HttpURLConnection)url.openConnection(); > > // Let the RTS know that we want to do output. > url_connnection.setDoOutput( true ); > > // No caching, we want the real thing. > url_connnection.setUseCaches( false ); > > // Send POST output. > if( post_params!=null && !post_params.isEmpty() ) { > uploadPostParameters( post_params, url_connnection ); > } > > // Get Input > input_stream = url_connection.getInputStream(); > > But this code is running into all sorts of problems on varying > platforms and OS versions: > javax.net.ssl.SSLException: Write error: ssl=0x8f548: I/O error > during system call, Broken pipe > Empty string responses (no error thrown) with no sign of an external > connection on the server logs > java.io.IOException: SSL handshake failure: I/O error during system > call, Connection reset by peer > java.io.IOException: SSL handshake failure: Failure in SSL library, > usually a protocol error > error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown > protocol (external/openssl/ssl/s23_clnt.c:585 0xaf58a49b:0x) > > The first two usually go away by repeating it (which is consistent > with Android issue 8625). The handshake exceptions do not seem to go > away once present. > > To be clear, this is not a self-signed certificate on my SSL server. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: SSL from Android
Above code works from desktop Java. The last error ("Failure in SSL library, usually a protocol error: 140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol") was an data service provider redirection without any error. It not an Android issue, but I'd love to know how to detect the error correctly On Nov 23, 11:55 am, Anm wrote: > What is the preferred way to do SSL on Android? > > Coming from a long time Java background, I have tended to jump to a > https protocol URLConnection: > > // URL connection channel. > HttpURLConnection url_connnection = > (HttpURLConnection)url.openConnection(); > > // Let the RTS know that we want to do output. > url_connnection.setDoOutput( true ); > > // No caching, we want the real thing. > url_connnection.setUseCaches( false ); > > // Send POST output. > if( post_params!=null && !post_params.isEmpty() ) { > uploadPostParameters( post_params, url_connnection ); > } > > // Get Input > input_stream = url_connection.getInputStream(); > > But this code is running into all sorts of problems on varying > platforms and OS versions: > javax.net.ssl.SSLException: Write error: ssl=0x8f548: I/O error > during system call, Broken pipe > Empty string responses (no error thrown) with no sign of an external > connection on the server logs > java.io.IOException: SSL handshake failure: I/O error during system > call, Connection reset by peer > java.io.IOException: SSL handshake failure: Failure in SSL library, > usually a protocol error > error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown > protocol (external/openssl/ssl/s23_clnt.c:585 0xaf58a49b:0x) > > The first two usually go away by repeating it (which is consistent > with Android issue 8625). The handshake exceptions do not seem to go > away once present. > > To be clear, this is not a self-signed certificate on my SSL server. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en