androidandroid-studiotls1.2android-ksoap2

How to enable TLS 1.1 and 1.2 for android 4.1.1


I am using Android version 4.4 And try o call a web service through HttpTransportSE but my server is not responding because of TLS is not enabled. how to enable please help. my code for http class is below :

String jsonData = "";
    String NameSpace = "http://tempuri.org/";
    String MethodNameGodown = "", SOAP_ACTION = "";
    SoapPrimitive response = null;
    MethodNameGodown = "MethodName";
    SOAP_ACTION = NameSpace + MethodNameGodown;

    SoapObject soapObject = new SoapObject(NameSpace, MethodNameGodown);

    soapObject.addProperty("UserID", username);
    soapObject.addProperty("Password", password);
    soapObject.addProperty("ESN", "xym");
    SoapSerializationEnvelope soapEnvelope = new SoapSerializationEnvelope(SoapEnvelope.VER11);
    soapEnvelope.dotNet = true;
    soapEnvelope.setOutputSoapObject(soapObject);

    HttpTransportSE androidHttpTransport = new HttpTransportSE(sharedPreferences.getString("server_Middleware", ""), Constants.loginScreenTimeOut);

   
    try {
        androidHttpTransport.call(SOAP_ACTION, soapEnvelope);
        response = (SoapPrimitive) soapEnvelope.getResponse();

    } catch (IOException e) {
        e.printStackTrace();
    } catch (XmlPullParserException e) {
        e.printStackTrace();
    }
    return response + "";

Solution

  • You need to Create a Custom Class for this.

    public class TLSSocketFactory extends SSLSocketFactory {
    
        private SSLSocketFactory internalSSLSocketFactory;
    
        public TLSSocketFactory() throws KeyManagementException, NoSuchAlgorithmException {
            SSLContext context = SSLContext.getInstance("TLS");
            context.init(null, null, null);
            internalSSLSocketFactory = context.getSocketFactory();
        }
    
        @Override
        public String[] getDefaultCipherSuites() {
            return internalSSLSocketFactory.getDefaultCipherSuites();
        }
    
        @Override
        public String[] getSupportedCipherSuites() {
            return internalSSLSocketFactory.getSupportedCipherSuites();
        }
    
        @Override
        public Socket createSocket() throws IOException {
            return enableTLSOnSocket(internalSSLSocketFactory.createSocket());
        }
    
        @Override
        public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
            return enableTLSOnSocket(internalSSLSocketFactory.createSocket(s, host, port, autoClose));
        }
    
        @Override
        public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
            return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port));
        }
    
        @Override
        public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnknownHostException {
            return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port, localHost, localPort));
        }
    
        @Override
        public Socket createSocket(InetAddress host, int port) throws IOException {
            return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port));
        }
    
        @Override
        public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
            return enableTLSOnSocket(internalSSLSocketFactory.createSocket(address, port, localAddress, localPort));
        }
    
        private Socket enableTLSOnSocket(Socket socket) {
            if(socket != null && (socket instanceof SSLSocket)) {
                ((SSLSocket)socket).setEnabledProtocols(new String[] {"TLSv1.1", "TLSv1.2"});
            }
            return socket;
        }
    }
    

    you can refer the original code from the link: https://blog.dev-area.net/2015/08/13/android-4-1-enable-tls-1-1-and-tls-1-2/

    ater that just add,

    HttpsURLConnection.setDefaultSSLSocketFactory(new TLSSocketFactory());