Android Question SSL Websocket client

LucaMs

LucaMs

Expert
Licensed User
Longtime User
Trying to connecting to my websocket server:

closed javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x63a133b0: Failure in SSL library, usually a protocol error
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x61803166:0x00000000)

Libraries used:
client: WebSocket 2.00
server: jServer 2.80

The server starts and it is reachable (ping). I suppose that if the server SslConfiguration (and the keyvaluestore I created) were incorrect the server would not start/work, correct?
 
Sort by date Sort by votes
LucaMs

LucaMs

Expert
Licensed User
Longtime User
Erel said:
You should provide more information.
Click to expand...
I don't know what informations.

My code is very similar to yours.

Just one thing: creating the keyvaluestore I had to use, temporarily, an IP address; but I think that if this were the problem I would not reach the server (I pinged the server from an online service).

The old project works perfectly if I do not use SSL.

I found this:
https://stackoverflow.com/questions...on-javax-net-ssl-sslprotocolexception-ssl-han

where they say that there are problems with Android < 4.4 but I'm using Android 4.4.2
 
Upvote 0
LucaMs

LucaMs

Expert
Licensed User
Longtime User
Tried this code in my app:
B4X: 
Private Sub TryToConnect
'    wsh.Initialize(Me, "wsh")
'    wsh.ws.Connect(Main.ServerURL)

    NewWS.Initialize("NewWs")
    NewWS.Connect("wss://b4x.com:51041/smiley/ws")
    Wait For NewWs_Connected
    Log("connected here")
    Wait For NewWs_TextMessage (Message As String)
    Log(Message)
    ExitApplication
End Sub

No logs (TryToConnect starts, of course)

This works (browser):
https://www.b4x.com:51041/smiley/index.html
 
Upvote 0
Star-Dust

Star-Dust

Expert
Licensed User
Longtime User
@LucaMs
To make the ranking of your game safe, use FireBase and not the SSL protocol that in some way can be sniffed by Hacker and used to induce false scores.

With Firebase the App that sends will be authenticated.
With SSL you can not identify the genuineness of the sending app. This is the main problem for security.

Better that you talk to an expert about it rather than improvise solutions
 
Upvote 0
LucaMs

LucaMs

Expert
Licensed User
Longtime User
Star-Dust said:
@LucaMs
To make the ranking of your game safe, use FireBase and not the SSL protocol that in some way can be sniffed by Hacker and used to induce false scores.

With Firebase the App that sends will be authenticated.
With SSL you can not identify the genuineness of the sending app. This is the main problem for security.

Better that you talk to an expert about it rather than improvise solutions
Click to expand...
I'm trying this for A9, but it's the same.

Anyway, I will not use only SSL, I think.

Thank you
 
Upvote 0
LucaMs

LucaMs

Expert
Licensed User
Longtime User
Erel said:
Add this sub:
B4X: 
Sub ws_Closed (Reason As String)
   Log("error: " & Reason)
End Sub

Is it raised? Are you testing it on a real device?
Click to expand...

Added.

Real device (Android 4.4.2) and, now, in release mode.


*** Service (starter) Create ***
** Service (starter) Start **
** Activity (main) Create, isFirst = true **
Connecting
** Activity (main) Resume **
error: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x6355af90: Failure in SSL library, usually a protocol error
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x61803166:0x00000000)
 
Upvote 0
Star-Dust

Star-Dust

Expert
Licensed User
Longtime User
But the @Erel code is very useful for me, thank you
 
Upvote 0
LucaMs

LucaMs

Expert
Licensed User
Longtime User
It almost works, since connects, but after 2 seconds:
*** Service (starter) Create ***
Installing security provider if needed...
** Service (starter) Start **
** Activity (main) Create, isFirst = true **
** Activity (main) Resume **
Provider installed successfully
Connecting
connected
{"data":[],"etype":"setAutomaticEvents"}
android.os.NetworkOnMainThreadException
at android.os.StrictMode$AndroidBlockGuardPolicy.onNetwork(StrictMode.java:1145)
at com.google.android.gms.org.conscrypt.Platform.blockGuardOnNetwork:)com.google.android.gms@11951070)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.shutdownAndFreeSslNative:)com.google.android.gms@11951070:1)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.close:)com.google.android.gms@11951070:15)
at com.google.android.gms.org.conscrypt.KitKatPlatformOpenSSLSocketImplAdapter.close:)com.google.android.gms@11951070)
at io.crossbar.autobahn.websocket.WebSocketConnection.closeAndCleanup(WebSocketConnection.java:405)
at io.crossbar.autobahn.websocket.WebSocketConnection.access$12(WebSocketConnection.java:394)
at io.crossbar.autobahn.websocket.WebSocketConnection$2.handleMessage(WebSocketConnection.java:486)
at android.os.Handler.dispatchMessage(Handler.java:102)
at android.os.Looper.loop(Looper.java:149)
at android.app.ActivityThread.main(ActivityThread.java:5257)
at java.lang.reflect.Method.invokeNative(Native Method)
at java.lang.reflect.Method.invoke(Method.java:515)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:794)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:610)
at dalvik.system.NativeStart.main(Native Method)
 
Upvote 0
You must log in or register to reply here.

Similar Threads

Erel
  • Article
B4J Code Snippet [B4X] Trust all SSL Socket
Replies
10
Views
6K
Magma
Magma
Erel
  • Article
Android Code Snippet [B4X] MQTT SSL and Self Signed Certificates
Replies
2
Views
7K
Erel
Erel
D
  • Question
Android Question Sending binary data over WebSocket?
Replies
9
Views
9K
daemon
D
Erel
  • Article
Android Tutorial Custom WebSocket Based Push Framework
10 11 12
Replies
224
Views
81K
victormedranop
victormedranop
Erel
  • Locked
  • Article
B4A Library WebSocket Client Library
2 3 4
Replies
71
Views
67K
Erel
Erel
Top