"no cypher suites in common" java host and android client
I'm trying to get SSL communication over TCP/IP, using SSLSockets. Once I get the SSLSocket and request the InputStream, I get the "no cypher suites in common" exception on the java (host) side, and on the client side I get: "javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x1b3da8: Failure in SSL library, usually a protocol error". So what I did, was list every available cypher suite on the An开发者_如何学Pythondroid side, and Enabled them on the Server side. Still got the exact same exceptions.
Then I added the following line before getting the input streams:
sslSocket.setEnabledCipherSuites( sslSocket.getSupportedCipherSuites() );
and that worked. Obviously, I can't use that on a production environment as I'd like to ensure that secure encryption is taking place.
So what am I doing wrong?
Thanks in advance
Usually this indicates a misconfiguration of the server keystore. If the server cannot find a valid private key then the only ciphersuites it can use are the anonymous diffie-hellman ciphersuites. Usually these are disabled on most platforms for security reasons.
Use openssl s_client -connect youserver:443
to check what protocol (TLS1, SSLv3) and cipher (RC4-SHA, AES-SHA, etc.) is used to connect to the server. Then enable this cipher at the Android client if it is a sufficiently secure one. If it's not, make sure you enable secure cipher suites on the server. You might also want to list the sslsocket.getEnabledCipherSuites
on the Android side to see what is available by default.
精彩评论