I/O error during system call, Connection reset by peer

android http ssl apache-httpclient-4.x
MohanRaj picture MohanRaj · Mar 30, 2015 · Viewed 12.6k times · Source

We have been successfully fetching data from a web server with HTTP url for almost 2 years without any hiccups.

In recent past we have migrated to HTTPS for some security reason.And that's when the problem blossomed.

With WiFi everything works fine,When I connect to 2G pocket data periodically I'm getting connection reset by server issue.

I'm using DefaultHttpClient to connect to the server.

I have tried many work around but nothing rescued me.

  1. javax.net.ssl.SSLException: Read error: ssl=0x56e63588: I/O error during system call, Connection reset by peer

  2. I have applied all the available properties to HttpConnectionParams 

    HttpConnectionParams.setConnectionTimeout(httpClient.getParams(),120000);
HttpConnectionParams.setSoTimeout(httpClient.getParams(), 120000);
HttpConnectionParams.setLinger(httpClient.getParams(), 120000);
HttpConnectionParams.setTcpNoDelay(httpClient.getParams(), true);
HttpConnectionParams.setStaleCheckingEnabled(httpClient.getParams(), false);

  3. And another google group discussion suggested that this issue could be a cause of ideal state of an activity.So I implemented something like this to keep the screen awake.

    powerManager = (PowerManager) getSystemService(Context.POWER_SERVICE);
wakeLock = powerManager.newWakeLock(PowerManager.FULL_WAKE_LOCK,"My Tag");
wakeLock.acquire();

And at the onDestroy() I released it with wakeLock.release();

But that too didn't help.

And is there is anything else I need to check at server end?

Answer

Clark Wilson picture Clark Wilson · Aug 10, 2016

I was having a similar SSL error. Turns out Pre-lollipop devices do not support SSL TLSv1.1, TLSv1.2. I fixed it by including a TLSSocketFactory wrapper class that enables these SSL protocols. Try adding the following to your code:

    static {
    final SSLSocketFactory sslSocketFactory;
    try {
        sslSocketFactory = new TLSSocketFactory();
        HttpsURLConnection.setDefaultSSLSocketFactory(sslSocketFactory);
    } catch (KeyManagementException ignored) {

    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    }
}

import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

/**
 * @author fkrauthan
 * http://blog.dev-area.net/2015/08/13/android-4-1-enable-tls-1-1-and-tls-1-2/
 *
 *
// IMPORTANT: Pre-lollipop devices do not support SSL TLSv1.1, TLSv1.2
// so I've included a TLSSocketFactory wrapper class that enables these SSL
// protocols.
 */
public class TLSSocketFactory extends SSLSocketFactory {

    private SSLSocketFactory internalSSLSocketFactory;

    public TLSSocketFactory() throws KeyManagementException, NoSuchAlgorithmException {
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, null, null);
        internalSSLSocketFactory = context.getSocketFactory();
    }

    @Override
    public String[] getDefaultCipherSuites() {
        return internalSSLSocketFactory.getDefaultCipherSuites();
    }

    @Override
    public String[] getSupportedCipherSuites() {
        return internalSSLSocketFactory.getSupportedCipherSuites();
    }

    @Override
    public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(s, host, port, autoClose));
    }

    @Override
    public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port));
    }

    @Override
    public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnknownHostException {
        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port, localHost, localPort));
    }

    @Override
    public Socket createSocket(InetAddress host, int port) throws IOException {
        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port));
    }

    @Override
    public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(address, port, localAddress, localPort));
    }

    private Socket enableTLSOnSocket(Socket socket) {
        if(socket != null && (socket instanceof SSLSocket)) {
            ((SSLSocket)socket).setEnabledProtocols(new String[] {"TLSv1.1", "TLSv1.2"});
        }
        return socket;
    }
}

Related questions

javax.net.ssl.SSLException: Read error: ssl=0x9524b800: I/O error during system call, Connection reset by peer

Our clients are starting to see 100s of these "SSLException error - Connection reset by peer" over the last couple of weeks and I can't figure out why We're using Retrofit with okhttp, no special configuration public class OkHttpClientProvider implements …

Read More
CLEARTEXT communication not supported on Retrofit

I'm trying to connect to https server on android using Retrofit. Here's my OkHttpClient @Provides public OkHttpClient provideContactClient(){ HttpLoggingInterceptor interceptor = new HttpLoggingInterceptor(); ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS) .tlsVersions(TlsVersion.TLS_1_2) .cipherSuites(CipherSuite.TLS_RSA_WITH_DES_CBC_…

Read More
Android 8: Cleartext HTTP traffic not permitted

I had reports from users with Android 8 that my app (that uses back-end feed) does not show content. After investigation I found following Exception happening on Android 8: 08-29 12:03:11.246 11285-11285/ E/: [12:03:11.245, main]: Exception: IOException java.io.IOException: Cleartext HTTP traffic to * …

Read More