fileTransfer.download from https return error code 3 (SSL handshake) in android

[stackmanoj]

I am downloading file using this fileTransfer.download(sourecUrl, destinationPath,successCallback,errorCallback,true,{});

In error callback I am receiving error code 3 (SSL handshake)

TLS1.2 is used in my server. Android version is 4.4.3

[pallaviMN]

@stackmanoj did you resolve this issue? even i am facing it

[senjoeson]

i had faced the problem at last time, at that time ,i used the version is v1.5.1. Now i switch the lastest version ,v 1.7.1, but i can't solve the problem . So i change the android source code like this:

• Firstly:

  import javax.net.ssl.HostnameVerifier;
  import javax.net.ssl.HttpsURLConnection;
  import javax.net.ssl.SSLSession;

• Secondly: (the code must add to the method of "download" and "upload" from the class "FileTransfer")

• Finally:

All the above changed are from the class ''FileTransfer.java"

That can fix the bug to solve the problem that can't run on Android P !

@pallaviMN

[pallaviMN]

@senjoeson , i tested in samsung device marshmellow, still getting SSL issue

[senjoeson]

@pallaviMN thanks for your reply.Now can you tell me how to cause the error ? "upload" or "download"? i had mentioned that all the methods need add that settings.

[pallaviMN]

download is causing the error, can you please upload your file. It will be useful @senjoeson

[pallaviMN]

Actually, its not entering that override method itself @senjoeson

[senjoeson]

FileTransfer.txt @pallaviMN please copy that,and change .txt to .java .

[pallaviMN]

@senjoeson , will add & let you know. Thanks a lot

[pallaviMN]

@senjoeson , i am using cordova 7.0.0, will it cause this issue? Because even your code didnt work for me

[pallaviMN]

@senjoeson , its not calling "private static HostnameVerifier hostnameVerifier = new HostnameVerifier " method at all

[senjoeson]

my means is add to .... sorry.it's my mistakes.

[pallaviMN]

sorry i didnt understand @senjoeson

[senjoeson]

@pallaviMN ,i have corrent my word. Please revisit the instructions I wrote above. Thx.

[senjoeson]

@pallaviMN If you have not solved the problem, please provide your contact information, I will talk to you privately.

[raulbht]

I am having problems when downloading files by https since I get error 3 and I have seen in the documentation that you can use the following option "trustAllHosts" but it is not valid for production ... someone could tell me how I could solve it for the production version? Since I have not found anything about it. Thank you.

[wynngd]

i had faced the problem at last time, at that time ,i used the version is v1.5.1. Now i switch the lastest version ,v 1.7.1, but i can't solve the problem . So i change the android source code like this:

• Firstly:

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;

• Secondly: (the code must add to the method of "download" and "upload" from the class "FileTransfer")

• Finally:

All the above changed are from the class ''FileTransfer.java"

That can fix the bug to solve the problem that can't run on Android P !

@pallaviMN

I tried this but it is not working. I need to download a file from a server with self-signed cert but the app needs to by pass the SSL Cert check. Is there another way?

[wynngd]

I already fixed my issue. I followed the way the amazon source (FileTransfer.java) implemented the DO_NOT_VERIFY host name verifier and create anew sslsocket factory.

[uldcra]

Hello everybody. My english is very poor, but wich/what are files modified? Thanks

[uldcra]

Hello everybody. My english is very poor. But there are any posibility for disable https , protocol. I follow this instructions and continue break the application to/with problem .

[curthusting]

@wynngd

I followed the way the amazon source (FileTransfer.java) implemented the DO_NOT_VERIFY host name verifier and create anew sslsocket factory.

You mention that you have fixed this issue by following Amazon, can you elaborate on what you did to fix this?

[wynngd]

Sorry @uldcra for the late reply. I am pretty busy the past few days...

In the FileTransfer.java under Android Source, include this function:

private static final HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {
    public boolean verify(String hostname, SSLSession session) {
        return true;
    }
};    

and then in the function, insert this between line 760 and 761

                    // Setup the HTTPS connection class to trust everyone
                    HttpsURLConnection https = (HttpsURLConnection)connection;
                    oldSocketFactory = trustAllHosts(https);
                    // Save the current hostnameVerifier
                    oldHostnameVerifier = https.getHostnameVerifier();
                    // Setup the connection not to verify hostnames
                    https.setHostnameVerifier(DO_NOT_VERIFY);

This will skip the HTTPS SSL Cert verification.

I attached my code. (just change it back to .java) FileTransfer.txt

Again sorry for the delay...

[uldcra]

Hello wynngd. My english is very poor. but a lot of thanks, i apprecite your helpful, thanks for solve my problem.

[anujparmar545]

This is the code:

and this is the error:

I am getting source and target but not body ,http status and exception. FiletransferError code 2.....Plz help

[codafish-gmbh]

We use file-transfer with Ionic and Capacitor:

    "cordova-plugin-file-transfer": "^1.7.1",
    "@ionic-native/file-transfer": "^5.26.0",

Unfortunately, the method download() on Android devices always results in the exception FileTransferError.CONNECTION_ERR:

            const timeStamp = (Date.now() / 1000).toString();
            url = url + '&cacheBuster=' + timeStamp;
            url = encodeURI(url);
            const transfer = this.transfer.create();
            transfer.download(url, localPath).then(entry => {
                const localUrl = entry.toURL();
                this.openFile(localUrl);
                this.pageDataService.setLoadingStatus(false);
            }, (err) => {
                const error = JSON.stringify(err);
                console.log(url);
                this.pageDataService.setLoadingStatus(false);
                mobiscroll.snackbar({
                    color: 'danger',
                    message: error
                });
            });

We also tried to apply the patch of @wynngd without any success. On iOS devices, the plugin works like a charm.

Is there any chance, that this issue gets fixed?

[breautek]

Is there any chance, that this issue gets fixed?

No, this plugin is deprecated

The issue is older android devices don't have TLS enabled by default, but most devices do support it. I have a fork that solves this problem, but you also need to use a custom cordova-android fork as well.

If you want to fix this in your own forks, you can look at the following commits:

cordova-android: https://github.com/totalpave/cordova-android/commit/b6e550416f6d98a9da9896959db0e7e532d10333 cordova-plugin-file-transfer: https://github.com/totalpave/cordova-plugin-file-transfer/commit/7f9b3ba6791b1a445cb866a30700f0bda6b7aa57

These changesets will make the older android devices (tested as far back as android 4.1) use TLS 1.1 & TLS 1.2.

If you want to change this, see https://github.com/totalpave/cordova-android/commit/b6e550416f6d98a9da9896959db0e7e532d10333#diff-1a0a158bbbc267048975894bb6ce2217R66

The commits are consolidated enough that you should be able to fork the repos, and add my fork as a remote, to git cherry-pick the commit.

If the requested TLS is not available on the device, I'm assuming the app will crash, but I've never seen that in our crash analytics.

Note: I would refrain from using the totalpave fork's, I'm no longer maintaining them as we have moved on. So both the cordova-android fork & the cordova-plugin-file-transfer fork will probably disappear in the future.

[codafish-gmbh]

Hi @breautek,

thanks for your fast reply. Referring to the depricated message: does it mean that the further development of this plugin has been discontinued?

Thanks, Timo

[breautek]

Referring to the depricated message: does it mean that the further development of this plugin has been discontinued?

Yes. The deprecation message provides links that explains how to migrate away from this plugin.

[codafish-gmbh]

Thanks @breautek !

[nazmisyazwan90]

anyone else have any other solution for this issue? tried @wynngd solution but with no success on Android

[breautek]

Using wynngd's solution, which bypasses SSL validation is never a good idea.

First, I'd recommend moving away from this plugin altogether, because this is plugin is deprecated. Read this to learn how

If for some reason you cannot, then https://github.com/apache/cordova-plugin-file-transfer/issues/203#issuecomment-636823017 may help you.

[wynngd]

I agree with Norman here. We already started working on moving away from this. There is a way to download and pin a Self Signed Certificate in both Android and iOS.

That could help fix this issue.

Get Outlook for iOShttps://aka.ms/o0ukef

---

From: Norman Breau notifications@github.com Sent: Tuesday, June 23, 2020 9:43:08 AM To: apache/cordova-plugin-file-transfer cordova-plugin-file-transfer@noreply.github.com Cc: wynngd wynngd@outlook.com; Mention mention@noreply.github.com Subject: Re: [apache/cordova-plugin-file-transfer] fileTransfer.download from https return error code 3 (SSL handshake) in android (#203)

Using wynngd's solution, which bypasses SSL validation is never a good idea.

First, I'd recommend moving away from this plugin altogether, because this is plugin is deprecated. Read this to learn howhttps://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcordova.apache.org%2Fblog%2F2017%2F10%2F18%2Ffrom-filetransfer-to-xhr2.html&data=02%7C01%7C%7C401b7226df9c41d39e1008d81783bf52%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637285201893890550&sdata=uAGR%2BlTTd4BxVyg7pd8dFzZZhNIja1LGS9w95OzPkeY%3D&reserved=0

If for some reason you cannot, then #203 (comment)https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fapache%2Fcordova-plugin-file-transfer%2Fissues%2F203%23issuecomment-636823017&data=02%7C01%7C%7C401b7226df9c41d39e1008d81783bf52%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637285201893890550&sdata=41pdIv3qpaZzB73Ja%2F8Akq9Bqz9HvtIfy9nq%2BlK2sf4%3D&reserved=0 may help you.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fapache%2Fcordova-plugin-file-transfer%2Fissues%2F203%23issuecomment-648208813&data=02%7C01%7C%7C401b7226df9c41d39e1008d81783bf52%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637285201893900544&sdata=LnMFY4ELIbfA1Oq3JFFazOTf9t8F4avpDDX%2F6AzAp%2Bs%3D&reserved=0, or unsubscribehttps://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAHM4R43QVJVS2YNDBJIUQITRYC5PZANCNFSM4FR4G5HQ&data=02%7C01%7C%7C401b7226df9c41d39e1008d81783bf52%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637285201893900544&sdata=0bvz%2F0ptXTuQIVkv7yv5Vzn8JS7Zxjbp4eVovdslLTI%3D&reserved=0.

[timbru31]

Closing this issue, as we won't support Android <5.1 (API level <22) in future releases of plugins and cordova-android already dropped support for it.