Android Question ResponseError. Reason: javax.net.ssl.SSLHandshakeException: Connection closed by peer, Response:

[Flavio SOuza]

<code>
Dim j As HttpJob
j.Initialize("", Me) '
j.Download("https://www.beneficiossociais.caixa.gov.br/consulta/beneficio/04.01.00-00_00.asp")

</code>

Erro open,

https://www.beneficiossociais.caixa.gov.br/consulta/beneficio/04.01.00-00_00.asp

ResponseError. Reason: javax.net.ssl.SSLHandshakeException: Connection closed by peer, Response:
javax.net.ssl.SSLHandshakeException: Connection closed by peer

 

[Flavio SOuza]

I think the site is using an old TLS protocol. Therefore someone needs to show you how (if possible) enable old TLS protocols on the android side. I've confirmed my guess by running the site past https://www.ssllabs.com/ssltest/analyze.html?d=www.beneficiossociais.caixa.gov.br. It get's a F rating. It supports TLS 1.0 (old). Looks like since API 20+, older TLS protocols have been disabled by default (https://blog.dev-area.net/2015/08/13/android-4-1-enable-tls-1-1-and-tls-1-2/). If that is your case, someone needs to help you to enable older protocols (if possible), which then would have to be disabled after using that site (why degrade all security for all sites just for this site).

That's right... thank you. Now I just need to know how to do this...

 

[Semen Matusovskiy]

Well, I decided to look under API 16 (where TLS 1.1, TLS 1.2 are disabled by default).
At first I got a message about untrusted certificate. Ok, I use InitializeAcceptAll. And got

<html>
    <head>
        <title>SIBEC - Sistema de Benef�cios ao Cidad�o</title>
    </head>
    <frameset framespacing="0" border="0" frameborder="0" src="blank.htm" cols="0%,100%,0%,0%">
        <frame name="EscondidoJS" src="#" scrolling="auto">
        <frame name="Principal"    src="04.01.00-00_01.asp" scrolling="auto">
        <frame name="EscondidoASP" src="#" scrolling="auto">
        <frame name="EscondidoASP1"    src="#" scrolling="auto">
    </frameset>
    <noframes></noframes>
</html>

Even if to solve a problem with protocols under modern API, just curious, how do you plan to process similar html ?

 

[Flavio SOuza]

I will send a POST and get the html content with the return and treat the html with regex all in <td> </ td>

 

[Flavio SOuza]

Well, I decided to look under API 16 (where TLS 1.1, TLS 1.2 are disabled by default).
At first I got a message about untrusted certificate. Ok, I use InitializeAcceptAll. And got

<html>
    <head>
        <title>SIBEC - Sistema de Benef�cios ao Cidad�o</title>
    </head>
    <frameset framespacing="0" border="0" frameborder="0" src="blank.htm" cols="0%,100%,0%,0%">
        <frame name="EscondidoJS" src="#" scrolling="auto">
        <frame name="Principal"    src="04.01.00-00_01.asp" scrolling="auto">
        <frame name="EscondidoASP" src="#" scrolling="auto">
        <frame name="EscondidoASP1"    src="#" scrolling="auto">
    </frameset>
    <noframes></noframes>
</html>

Even if to solve a problem with protocols under modern API, just curious, how do you plan to process similar html ?

I actually changed the SDK version to 16 and it worked. But I need 26 to publish to Google play. any idea of what you can do

 

[Semen Matusovskiy]

OkHttp is an open-source library.
It looks that, the most simple solution is to correct https://github.com/square/okhttp/blob/master/okhttp/src/main/java/okhttp3/ConnectionSpec.java
and to remove TLS 1.1-1.3 from here.

public static final ConnectionSpec MODERN_TLS = new Builder(true)
.cipherSuites(APPROVED_CIPHER_SUITES)
.tlsVersions(TlsVersion.TLS_1_3, TlsVersion.TLS_1_2, TlsVersion.TLS_1_1, TlsVersion.TLS_1_0)
.supportsTlsExtensions(true)
.build();

But I don't know tools, which allow to change jar 'on fly'. JD, for example, is a simple viewer.