{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 劫难 的问题《SSLHandshakeException on Android 4.4 and lower》','https://www.manongdao.com/q-283778.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I have a problem when I want to connect with Paypal Rest API with POST method. When I am not using modernhttpclient I got error
The authentication or decryption has failed.
But when I am using modernhttpclient it work in Android API 23 (Marshmallow) and when I test in Android API 19 (device) and Android API 16 (emulator) I got error
ex {Javax.Net.Ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=…} Javax.Net.Ssl.SSLHandshakeException
According to ssl handshake exception android I need to use custom socket factory. But how can I implement it in HttpClient or modernHttpClient?
Not sure if I can fully answer your question, but I'll give it a try:
If you analyze the Paypal REST API endpoint, for example with SSL Labs like so https://www.ssllabs.com/ssltest/analyze.html?d=api.sandbox.paypal.com&hideResults=on, you see they only support the TLS 1.2 protocol.
Now Android does support this since API Level 16, as you can see here https://developer.android.com/reference/javax/net/ssl/SSLSocket.html, but it is disabled by default and only in API Levels 20+ they enabled it.
In the Xamarin forums someone posted a solution for enabling TLS 1.2 for Android with API Levels 16 to 19 by forking ModernHttpClient and adding an improved SSL socket factory: https://forums.xamarin.com/discussion/63005/modernhttpclient-tls-1-2-android-api-19
This should fix your issue with those Android versions, but it will not help you with versions before Android 4.1.
Basically this issue comes when SSL at server side have a broken chain, server need to include the complete the chain and include the intermediate Root chain,
for more Info please have a refer to this link.
https://developer.android.com/training/articles/security-ssl.html
You can use the ProviderInstaller from Google Play Services, it replaces the system SSL provider with a more recent one provided by Google:
https://developer.android.com/training/articles/security-gms-provider.html
I initialize it in the onCreate() of my application and that error is gone. I am sure you can do that from Xamarin somehow.