nasa / api-docs

api.nasa.gov
http://nasa.github.io/api-docs/
450 stars 109 forks source link

Cannot Connect to APOD via HTTPS on Pre-Lollipop Android devices #80

Closed JeffreyCA closed 7 years ago

JeffreyCA commented 7 years ago

I am trying to connect to APOD resources such as https://apod.nasa.gov/apod/astropix.html on Android using OkHttp, but I keep getting an SSL Handshake error. This occurs on devices running Android versions earlier than 4.4.2.

I ran some tests on SSLLabs and here are the results: https://www.ssllabs.com/ssltest/analyze.html?d=apod.nasa.gov&s=129.164.179.22

Note all of the pre-4.4.2 devices result in a handshake failure.

NASA's other domains do not have this problem, all devices are able to handshake without any problems: https://www.ssllabs.com/ssltest/analyze.html?d=api.nasa.gov&s=34.193.234.42

I'm currently developing an Android application which uses APOD images and since the move to HTTPS, I've been getting handshake errors on certain Android devices as a result.

brianthomas commented 7 years ago

I just ran your tests from ssllabs and it ran OK for me ("Grade B" for both tests although I admit to having no idea what the grading system means..)

jasonduley commented 7 years ago

thanks @brianthomas we had to implement OMB Mandate M-15-13 https://https.cio.gov/guide/ and update all of our SSL configurations to the newest versions and this is most likely the cause of your client breaking

JeffreyCA commented 7 years ago

Hello, thanks for the response!

I totally forgot about this open issue, but I managed to solve resolve the problem with a combination of this and this.