问题:

I searched for an answer but i did not find any. I am programming a FTP Synchronization tool for Android, i want to provide the following server types: - FTP -> Works - SFTP -> Works - FTPS -> Does not work anymore

I use the apache commons net library, at the beginning in version 2.2 now i checked 3.0.1 and also 3.1 snapshopt but the problem is not gone.

The Error message:

W/System.err(  433): javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x2672b0: Failure in SSL library, usually a protocol error
W/System.err(  433): error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol (external/openssl/ssl/s23_srvr.c:589 0xad12959f:0x00000000)
W/System.err(  433):    at org.apache.harmony.xnet.provider.jsse.NativeCrypto.SSL_do_handshake(Native Method)
W/System.err(  433):    at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:474)
W/System.err(  433):    at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:328)
W/System.err(  433):    at org.apache.commons.net.ftp.FTPSClient.sslNegotiation(FTPSClient.java:259)
W/System.err(  433):    at org.apache.commons.net.ftp.FTPSClient._connectAction_(FTPSClient.java:200)
W/System.err(  433):    at org.apache.commons.net.SocketClient.connect(SocketClient.java:169)
W/System.err(  433):    at org.apache.commons.net.SocketClient.connect(SocketClient.java:189)
W/System.err(  433):    at com.syncoorp.FTPSyncX_Pro.server.FTPSServer.remoteConnect(FTPSServer.java:87)

i dont know what i can do now, to solve this problem and i do not want to tell my customer that they can only use FTPS on android < 2.3

my code to connect is:

        client = new FTPSClient(implictSSL);

        KeyManagerFactory kmf = KeyManagerFactory.getInstance("X509");
        kmf.init(KeyStore.getInstance("BKS"), "wshr.ut".toCharArray());         

        client.setTrustManager(new X509TrustManager() {
            public X509Certificate[] getAcceptedIssuers() { return null; }
            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { }
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { }
        });

        client.setKeyManager(kmf.getKeyManagers()[0]);
        client.setNeedClientAuth(false);
        client.setUseClientMode(false);

         if(timeout > 0) {
            client.setConnectTimeout(timeout);
            client.setDataTimeout(timeout);
            client.setDefaultTimeout(timeout);
         }

        client.connect(values.host, values.port);

Does anybody know something how to fix it or have a workaround?

best regards, PrDatur