Closed OlegBabkin closed 6 years ago
Can you provide a demo reproducing the issue?
Take a look at this link and let me know if this is the same scenario you have: https://github.com/square/okhttp/issues/2669
Yes, I think the problem is the same. The server that I'm using is not allowing SSL usage. Is there any way to reconfigure getSslSocketFactory on OkHttp3 in your repo? (And yes, I'm using Android 7.0 for testing).
So, if your server is not allowing SSL, why don't you use HTTP? Just remove the S from it.
I don't have access to the server configuration. Removing the "S" from HTTP (in an endpoint) in my app does not resolve the problem (same handshake failure). I'll try to download your repo and change some OkHttp3 settings, maybe it will help. I will also try to use another platform.
That's actually what I do when EnableUntrustedCertificates = true: reconfigure getSslSocketFactory on OkHttp3. If you find a fix, please let me know.
Ok, anyway thank you for your help.
I am going to include a customTrustManager static property that can be initialized in your Android project before creating the NativeMessageHandler instance.
You can create a custom trust manager with a certificate included in your app as a raw resource:
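```csharp
using Java.Security;       // KeyStore
using Java.Security.Cert;  // CertificateFactory, Certificate
using Javax.Net.Ssl;       // TrustManagerFactory, IX509TrustManager

// Load the certificate bundled with the app as a raw resource.
var cf = CertificateFactory.GetInstance("X.509");
var cert = Resources.OpenRawResource(certResourceId);
Certificate ca;
try
{
    ca = cf.GenerateCertificate(cert);
}
finally
{
    cert.Close();
}

// Put the certificate into an empty in-memory key store.
var keyStoreType = KeyStore.DefaultType;
var keyStore = KeyStore.GetInstance(keyStoreType);
keyStore.Load(null, null);
keyStore.SetCertificateEntry("ca", ca);

// Build a trust manager backed only by that key store.
var tmfAlgorithm = TrustManagerFactory.DefaultAlgorithm;
var tmf = TrustManagerFactory.GetInstance(tmfAlgorithm);
tmf.Init(keyStore);

// Assign it before creating the NativeMessageHandler instance.
var customTrustManager = tmf.GetTrustManagers()[0] as IX509TrustManager;
NativeMessageHandler.customTrustManager = customTrustManager;
```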
Where (.crt) is the public part of an SSL certificate.
I'm trying to set up your library, but requests do not work; it throws the exception "Handshake failed" all the time (I think that's from OkHttp3). I tried to use it on each platform separately and from the base library, with the same result. When adding NativeMessageHandler I'm using the same parameters as in an example (Timeout = new TimeSpan(0, 0, 9), EnableUntrustedCertificates = true, DisableCaching = true). The server that I'm working with has the TLS 1.2 protocol. I'm trying only with Android; at the moment the other platforms are not realized yet. I don't know where to search for a solution to that problem, someone please help me.