Android and Windows dont have same TLS Algorithms
I am using TLS between a Windows 7 acting as the server and an Android 2.2 acting as the client. The certificate was created using makecert.exe. The SSL socket creation works on both ends, but the negotiations on the server side report that the two end points do not share a common algorithm and therefore cannot communicate with each other.
The same windows end point works with another windows end 开发者_开发技巧point acting as the client, so I know in general that the TLS part works. Is there a way to upgrade the Android (an emulator in this case) to have the necessary algorithms? I am asking in a general sense. I figured someone by now knows how to solve this ... I am hoping at least.
It turns out that on this particular windows box I created a signing certificate rather than a data exchange certificate. I forgot the "sky" parameter in the makecert.exe command line tool. Once I fixed that it worked like a charm.
Thanks for all the replies, though. I do appreciate it.
If you aren't using the wrong name such as "TLS" instead of "TLSv1" then download SpongyCastle and register it as a provider:
static {
Security.addProvider(new org.spongycastle.jce.provider.BouncyCastleProvider());
}
then get your SSLContext like so:
SSLContext.getInstance("TLS", "SC");
It would appear that BouncyCastle is pre-loaded on Android but it's a very old version with limited algorithms. Someone repackaged the new BouncyCastle to avoid ClassLoader issues.
精彩评论