javaandroidjsouptls1.2sslv3

How to disable SSLv3 in Jsoup android? (javax.net.ssl.SSLHandshakeException)

I've got this error while trying to connect to prozis.com website through Jsoup in android 4.2.2, but failing because the site only accepts TLS 1.2. I've done some reading and I found it's a problem with the SSLv3 protocol not being enabled by default in this version of android. But as I'm using Jsoup, I can't extend the main class and use a custom SSLSocketFactory class. Is there some other way to disable SSLv3 or force TLS1.x in android 4?

String url;
@Override
protected Document doInBackground(String... params) {
    this.url = params[0];
    Document resultDocument = null;
    try {
        resultDocument = Jsoup
                .connect(url)
                .validateTLSCertificates(false)
                .userAgent(userAgent)
                .timeout(NET_TIMEOUT)
                .maxBodySize(0) //sem limite de tamanho do doc recebido
                .get();

    } catch (IOException e) {
        e.printStackTrace();
    }
    return resultDocument;


09-29 01:45:51.662 3447-3471 W/System.err: javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb835f708: Failure in SSL library, usually a protocol error
09-29 01:45:51.662 3447-3471 W/System.err: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x9db03901:0x00000000)
09-29 01:45:51.662 3447-3471 W/System.err:     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:420)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpConnection.setupSecureSocket(HttpConnection.java:209)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.makeSslConnection(HttpsURLConnectionImpl.java:478)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:442)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpEngine.sendSocketRequest(HttpEngine.java:290)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpEngine.sendRequest(HttpEngine.java:240)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:81)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:165)
09-29 01:45:51.674 3447-3471 W/System.err:     at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:652)
09-29 01:45:51.674 3447-3471 W/System.err:     at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:629)
09-29 01:45:51.674 3447-3471 W/System.err:     at org.jsoup.helper.HttpConnection.execute(HttpConnection.java:261)
09-29 01:45:51.674 3447-3471 W/System.err:     at org.jsoup.helper.HttpConnection.get(HttpConnection.java:250)
09-29 01:45:51.674 3447-3471 W/System.err:     at com.cruz.sergio.myproteinpricechecker.VoucherFragment$GetPRZVouchersAsync.doInBackground(VoucherFragment.java:195)
09-29 01:45:51.674 3447-3471 W/System.err:     at com.cruz.sergio.myproteinpricechecker.VoucherFragment$GetPRZVouchersAsync.doInBackground(VoucherFragment.java:186)
09-29 01:45:51.674 3447-3471 W/System.err:     at android.os.AsyncTask$2.call(AsyncTask.java:287)
09-29 01:45:51.674 3447-3471 W/System.err:     at java.util.concurrent.FutureTask.run(FutureTask.java:234)
09-29 01:45:51.674 3447-3471 W/System.err:     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1080)
09-29 01:45:51.674 3447-3471 W/System.err:     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:573)
09-29 01:45:51.674 3447-3471 W/System.err:     at java.lang.Thread.run(Thread.java:856)
09-29 01:45:51.674 3447-3471 W/System.err: Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb835f708: Failure in SSL library, usually a protocol error
09-29 01:45:51.674 3447-3471 W/System.err: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x9db03901:0x00000000)
09-29 01:45:51.674 3447-3471 W/System.err:     at org.apache.harmony.xnet.provider.jsse.NativeCrypto.SSL_do_handshake(Native Method)
09-29 01:45:51.674 3447-3471 W/System.err:     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:378)
09-29 01:45:51.674 3447-3471 W/System.err:  ... 18 more
09-29 01:45:51.682 3447-3465 W/System.err: javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb836c108: Failure in SSL library, usually a protocol error
09-29 01:45:51.682 3447-3465 W/System.err: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x9db03901:0x00000000)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:420)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpConnection.setupSecureSocket(HttpConnection.java:209)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.makeSslConnection(HttpsURLConnectionImpl.java:478)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:442)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpEngine.sendSocketRequest(HttpEngine.java:290)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpEngine.sendRequest(HttpEngine.java:240)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:81)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:165)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:652)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:629)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.jsoup.helper.HttpConnection.execute(HttpConnection.java:261)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.jsoup.helper.HttpConnection.get(HttpConnection.java:250)
09-29 01:45:51.682 3447-3465 W/System.err:     at com.cruz.sergio.myproteinpricechecker.NewsFragment$GetPRZNewsAsync.doInBackground(NewsFragment.java:346)
09-29 01:45:51.682 3447-3465 W/System.err:     at com.cruz.sergio.myproteinpricechecker.NewsFragment$GetPRZNewsAsync.doInBackground(NewsFragment.java:328)
09-29 01:45:51.682 3447-3465 W/System.err:     at android.os.AsyncTask$2.call(AsyncTask.java:287)
09-29 01:45:51.682 3447-3465 W/System.err:     at java.util.concurrent.FutureTask.run(FutureTask.java:234)
09-29 01:45:51.682 3447-3465 W/System.err:     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1080)
09-29 01:45:51.682 3447-3465 W/System.err:     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:573)
09-29 01:45:51.682 3447-3465 W/System.err:     at java.lang.Thread.run(Thread.java:856)
09-29 01:45:51.682 3447-3465 W/System.err: Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb836c108: Failure in SSL library, usually a protocol error
09-29 01:45:51.682 3447-3465 W/System.err: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x9db03901:0x00000000)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.apache.harmony.xnet.provider.jsse.NativeCrypto.SSL_do_handshake(Native Method)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:378)

09-29 01:45:51.682 3447-3465 W/System.err: ... 18 more

Solution

  • Found out how to make this work using NetCipher library. Answer from another question answered by Hans-Christoph Steiner: https://stackoverflow.com/a/32466614/6723008

    In the build.gradle (app module) file include the NetCipher compile dependency, latest version is 1.2:

    compile 'info.guardianproject.netcipher:netcipher:1.2'

    (Or you can download the netcipher-1.2.jar and include it directly in your app.)

    Usage: 

    HttpsURLConnection netCipherconnection = NetCipher.getHttpsURLConnection(url);
netCipherconnection.connect();

BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(netCipherconnection.getInputStream()));
StringBuilder stringBuilder = new StringBuilder();
String stringHTML;
while ((stringHTML = bufferedReader.readLine()) != null)
    stringBuilder.append(stringHTML);
bufferedReader.close();
Document resultDocument = Jsoup.parse(String.valueOf(stringBuilder));