SSL握手已中止: ssl=0x74d2dc46c8: SSL库中出现故障,通常是协议错误OPENSSL_internal:SSLV3_ALERT_HANDSHAKE_FAILURE
在改进中,我在请求和响应中发送XML,服务器将在响应中发送XML。我正在使用代理来使用该API。但我总是得到- HTTP FAILED: java.io.IOException:在null上意外结束流。我尝试了stackoverflow中提到的解决方案,但都不起作用。下面的代码是针对改装客户端的-
fun getRetrofitClient(context: Context): RestAPI {
if (mRetrofitClient == null) {
val cf: CertificateFactory = CertificateFactory.getInstance("X.509")
val cert: InputStream = context.getResources().openRawResource(R.raw.mycert)
val ca: Certificate
ca = try {
cf.generateCertificate(cert)
} finally {
cert.close()
}
val keyStoreType: String = KeyStore.getDefaultType()
val keyStore: KeyStore = KeyStore.getInstance(keyStoreType)
keyStore.load(null, null)
keyStore.setCertificateEntry("ca", ca)
val proxy = Proxy(Proxy.Type.HTTP, InetSocketAddress("xxxx.xx.xx.xx",xxxx ))
val tmfAlgorithm: String = TrustManagerFactory.getDefaultAlgorithm()
val tmf: TrustManagerFactory = TrustManagerFactory.getInstance(tmfAlgorithm)
tmf.init(keyStore)
val sslContext: SSLContext = SSLContext.getInstance("TLSv1.2")
sslContext.init(null, tmf.getTrustManagers(), null)
val spec = ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
.tlsVersions(TlsVersion.TLS_1_2)
.cipherSuites(
CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA,
CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA
)
.build()
val httpClient = OkHttpClient.Builder()
.followRedirects(true)
.followSslRedirects(true)
.connectTimeout(10, TimeUnit.MINUTES)
.readTimeout(10, TimeUnit.MINUTES)
.writeTimeout(10, TimeUnit.MINUTES)
.sslSocketFactory(socketFactory)
.socketFactory(socketFactory)
.hostnameVerifier(getHostnameVerifier())
.retryOnConnectionFailure(true)
.proxy(proxy)
.connectionSpecs(Collections.singletonList(spec))
val retrofit = Retrofit.Builder()
.baseUrl("https://xxx.xx.xx.xx:xxxx/xx/")
.addConverterFactory(SimpleXmlConverterFactory.create())
.client(httpClient.build())
.build()
mRetrofitClient = retrofit.create(RestAPI::class.java!!)
}
return mRetrofitClient!!
}
fun getHostnameVerifier(): HostnameVerifier? {
return object : HostnameVerifier {
override fun verify(hostname: String?, session: SSLSession?): Boolean {
return true
}
}
}以下代码是针对Rest API的-
interface RestAPI {
@Headers("Content-Type: text/xml","Connection: keep-alive","Transfer-Encoding: chunked","Cache-Control: no-cache","Accept: */*","Host: xxx.xx.xx.xx:xxxx","Accept-Encoding: gzip, deflate, br")
@POST("BillQuery/V1.0")
abstract fun billQuery(@Body input:String): Call<String>
}我也试过截击,同样的问题。但它在Postman中运行得很好。我已经添加了像邮递员这样的标题。它仍然不能工作。
请帮帮忙。
回答 1
Stack Overflow用户
发布于 2020-03-26 20:34:04
如果响应头无法解析,或者响应头Content-Length中的长度与响应体的实际长度不匹配(请参阅HTTP FAILED: java.io.IOException: unexpected end of stream exception while making https request),则okhttp可能会抛出unexpected end of stream。
在您的示例中,okhttp希望向HTTP-proxy发送一个未加密的连接,并且我猜在这一步无法从proxy-response解析响应头。代理给了okhttp一个无效的答案。您可以尝试与邮递员通过HTTP连接到代理服务器吗?
https://stackoverflow.com/questions/60862111
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号