Skip to content

javax.net.ssl.SSLException: Connection closed by peer on 4.4.2 device (works on 6.0.1)

I have a problem with getting this error when I’m performing network calls inside my app. Main problem is that same code works on Android 6.0.1 device, but on 4.4.2 device, I’m getting this error:

javax.net.ssl.SSLException: Connection closed by peer 
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:406)
at okhttp3.internal.io.RealConnection.connectTls(RealConnection.java:188)
at okhttp3.internal.io.RealConnection.connectSocket(RealConnection.java:145)
at okhttp3.internal.io.RealConnection.connect(RealConnection.java:108)
at okhttp3.internal.http.StreamAllocation.findConnection(StreamAllocation.java:188)
at okhttp3.internal.http.StreamAllocation.findHealthyConnection(StreamAllocation.java:127)
at okhttp3.internal.http.StreamAllocation.newStream(StreamAllocation.java:97)
at okhttp3.internal.http.HttpEngine.connect(HttpEngine.java:289)
at okhttp3.internal.http.HttpEngine.sendRequest(HttpEngine.java:241)
at okhttp3.RealCall.getResponse(RealCall.java:240)
at okhttp3.RealCall$ApplicationInterceptorChain.proceed(RealCall.java:198)
at okhttp3.logging.HttpLoggingInterceptor.intercept(HttpLoggingInterceptor.java:203)
at okhttp3.RealCall$ApplicationInterceptorChain.proceed(RealCall.java:187)
at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:160)
at okhttp3.RealCall.access$100(RealCall.java:30)
at okhttp3.RealCall$AsyncCall.execute(RealCall.java:127)
at okhttp3.internal.NamedRunnable.run(NamedRunnable.java:33)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
at java.lang.Thread.run(Thread.java:841)

where I’m unable to request data from server.

If you need more data, feel free to ask. Thanks.

Answer

Key here is to force TLS 1.2 protocol, based on this link here.

Only thing that I needed to correct here is to force TLS 1.2 protocol directly, like this:

private class NoSSLv3SSLSocket extends DelegateSSLSocket {

    private NoSSLv3SSLSocket(SSLSocket delegate) {
        super(delegate);
    }

    @Override
    public void setEnabledProtocols(String[] protocols) {
        super.setEnabledProtocols(new String[]{"TLSv1.2"}); // force to use only TLSv1.2 here
    }
}