Android Question ResponseError. Reason: javax.net.ssl.SSLHandshakeException: Connection closed by peer, Response:

[Flavio SOuza]

<code>
Dim j As HttpJob
j.Initialize("", Me) '
j.Download("https://www.beneficiossociais.caixa.gov.br/consulta/beneficio/04.01.00-00_00.asp")

</code>

Erro open,

https://www.beneficiossociais.caixa.gov.br/consulta/beneficio/04.01.00-00_00.asp

ResponseError. Reason: javax.net.ssl.SSLHandshakeException: Connection closed by peer, Response:
javax.net.ssl.SSLHandshakeException: Connection closed by peer

 

[DonManfred]

The site is using an untrusted SSL Certificate.
- Setup a trusted SSL Cert.

Alternatively you can try to use the sourcemnodules and initialize the hc Client with InitializeAcceptAll

 

[Flavio SOuza]

So the site is not mine, I have no way to validate the certificate ... Would you like to use the InitializeAcceptAll have some clear example of it? I found no forum.

thanks!

 

[Semen Matusovskiy]

1. About Don's suggestion
Guess you use OkHttp and OkHttpUtils2 libraries.
1) Uncheck OkHttpUtils2.
2) Download OkHttpUtils2 source code - https://www.b4x.com/android/forum/attachments/httputils2modules-zip.69304/
Unzip files into your app folder and add them to your project.
3) Open HttpUtils2Service. Find hc.Initialize("hc") and replace to hc.InitializeAcceptAll("hc")

----------------------------------

2) Not a fact that this will help. "Connection closed by peer" means that the server refused to work with incoming request. Nothing more.
The reason may be any. For example, the server does not recognize User-Agent or something else.

EDIT. Decided to check. hc.InitializeAcceptAll("hc") does not help.

 

[Flavio SOuza]

I did everything as requested, but it keeps returning the same error. I tried to add the header > but without success

j.GetRequest.SetHeader("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6")

 

[DonManfred]

Are you sure to use the code modules instead of the library?

 

[Flavio SOuza]

Yes, using a library

 

[DonManfred]

Yes, using a library

Guess you use OkHttp and OkHttpUtils2 libraries.
1) Uncheck OkHttpUtils2.

UNCHECK IT. Add the 2 Modules. Use the modules INSTEAD of the Library.

 

[Flavio SOuza]

UNCHECK IT. Add the 2 Modules. Use the modules INSTEAD of the Library.

It is already unchecked

 

[Flavio SOuza]

https://image.ibb.co/icGw1p/Screenshot_4.png

 

[DonManfred]

Export the Project and upload it

 

[Flavio SOuza]

ok,

 

[Flavio SOuza]

a download url () is this https://www.beneficiossociais.caixa.gov.br/consulta/beneficio/04.01.00-00_01.asp

 

[DonManfred]

ok,

Seems you did it right. But the page deny your request. Maybe it is missing some setting.

Do the page provide an SDK Documentation (preferably in english) and maybe a example request-Code? Maybe php or curl example

 

[Flavio SOuza]

Currently I use php curl to access this page and return as information. You are using the example you use in php.

There is no documentation, it was a government site

 

[DonManfred]

Currently I use php curl to access this page and return as information

hmm. I can not see anything which needs to be adapted.
I can imagine it has something to do with

curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

but i´m not sure. Even i don´t know how to adapt it to B4A, sorry.

 

[Semen Matusovskiy]

I copied headers, which uses Google Chrome on PC. Doesn't help.
Unfortunatelly, it looks that a problem really exists. In OkHttp3 as it is or in it's implementation in B4A.

Unlike, in general SSL protocol works normally (for example, I don't see troubles for my site)

 

[Erel]

hc.InitializeAcceptAll will only help when the server is properly configured with a supported protocol but with an unrecognized certificate.

It doesn't seem to be the case with this site. Note that it doesn't open in Microsoft Edge at all.

See its SSL report: https://www.ssllabs.com/ssltest/analyze.html?d=www.beneficiossociais.caixa.gov.br

 

[Flavio SOuza]

I have tested almost all user-agent but it does not work. It has apps in google play that uses this same url to work and it works :|

 

[OliverA]

I think the site is using an old TLS protocol. Therefore someone needs to show you how (if possible) enable old TLS protocols on the android side. I've confirmed my guess by running the site past https://www.ssllabs.com/ssltest/analyze.html?d=www.beneficiossociais.caixa.gov.br. It get's a F rating. It supports TLS 1.0 (old). Looks like since API 20+, older TLS protocols have been disabled by default (https://blog.dev-area.net/2015/08/13/android-4-1-enable-tls-1-1-and-tls-1-2/). If that is your case, someone needs to help you to enable older protocols (if possible), which then would have to be disabled after using that site (why degrade all security for all sites just for this site).