HTTPS issue

[JirkaKrivanek]

Hello, I configured the HTTPS according to the guide (plus some Stack Overflow helps). It basically works, but sometimes it gets MAD, flooding the logs with these errors (this error actually repeats full speed as a response to just a single request - probably some kind of retry mechanism inside of nanohttpd):

    javax.net.ssl.SSLProtocolException: Write error: ssl=0xed4b87b8: Failure in SSL library, usually a protocol error
    error:10000076:SSL routines:OPENSSL_internal:BAD_WRITE_RETRY (external/boringssl/src/ssl/s3_pkt.cc:210 0xd25911cf:0x00000000)
        at com.android.org.conscrypt.NativeCrypto.SSL_write(Native Method)
        at com.android.org.conscrypt.NativeSsl.write(NativeSsl.java:426)
        at com.android.org.conscrypt.ConscryptFileDescriptorSocket$SSLOutputStream.write(ConscryptFileDescriptorSocket.java:626)
        at fi.iki.elonen.NanoHTTPD$Response.sendBody(NanoHTTPD.java:1694)
        at fi.iki.elonen.NanoHTTPD$Response.sendBodyWithCorrectEncoding(NanoHTTPD.java:1667)
        at fi.iki.elonen.NanoHTTPD$Response.sendBodyWithCorrectTransferAndEncoding(NanoHTTPD.java:1657)
        at fi.iki.elonen.NanoHTTPD$Response.send(NanoHTTPD.java:1624)
        at fi.iki.elonen.NanoHTTPD$HTTPSession.execute(NanoHTTPD.java:980)
        at fi.iki.elonen.NanoHTTPD$ClientHandler.run(NanoHTTPD.java:192)
        at java.lang.Thread.run(Thread.java:929)

My HTTPS setup looks like this:

    /**
     * Creates the backend service: HTTPS.
     *
     * @param keyStore
     *         The keystore to load the certificates from. Never {@code null}.
     * @param passphrase
     *         The passphrase for the keystore. Never {@code null}.
     * @return Never {@code null}.
     */
    @NonNull
    public static TestBackendService createHttpS(@NonNull final KeyStore keyStore, @NonNull final char[] passphrase) {
        final TestBackendService result = new TestBackendService(URL_ROOT_HTTPS);
        final String[] sslProtocols = new String[]{"TLSv1.2"};
        result.makeSecure(makeSslSocketFactory(keyStore, passphrase), sslProtocols);
        return result;
    }

    /**
     * Creates the backend service: HTTPS: With the built-in self-signed certificate.
     *
     * @return Never {@code null}.
     */
    @NonNull
    public static TestBackendService createHttpS() {
        try {
            final KeyStore keyStore = KeyStore.getInstance("BKS");
            keyStore.load(null, null);
            final Certificate[] chain = new Certificate[]{getBuiltInCertificate()};
            keyStore.setKeyEntry(UUID.randomUUID().toString(),
                                 getBuiltInCertPrivateKey(),
                                 getBuiltInCertPrivateKeyPassphrase().toCharArray(),
                                 chain);
            return createHttpS(keyStore, getBuiltInCertPrivateKeyPassphrase().toCharArray());
        } catch (final IOException | CertificateException | NoSuchAlgorithmException | KeyStoreException exc) {
            throw new IllegalArgumentException(exc);
        }
    }

Any idea how to fix this?

[zlzy]

I encountered the same problem. Did you find any solution?

[JirkaKrivanek]

I encountered the same problem. Did you find any solution?

No, I am sorry, I have not solve it. I just stopped using the HTTPS with NanoHTTPD... As the plain HTTP works quite OK (I write quite as the NanoHTTPD is rather pure and I was hacking it to make it working properly even with the plain HTTP)...

[zlzy]

Thanks for the reply. I found out the error is due to the certificate. A self-signed certificate will cause this error, and I managed to reproduce the error by performing a Nmap scan to my device.