hi,
Is there a full examples how Android Client connect using TLS, the default Android examples is using TCP I believed.
I had setup a server using valid certificate SSL and HTML5 client successfully connect using Https address not IP.
How to do this in Android client ?
Best regards
Sen
Examples Android connection using TLS
Re: Examples Android connection using TLS
Hi,
all Android (or Java) clients use TCP/UDP to talk to SFS2X.
There is only one extra step to add when you want to use TLS encryption which is calling the InitCrypto() method on the client side.
If you check the docs here:
http://docs2x.smartfoxserver.com/Gettin ... yptography
you'll find a connector Example in Java, which can be applied to Android clients in the same way.
Hope it helps
all Android (or Java) clients use TCP/UDP to talk to SFS2X.
There is only one extra step to add when you want to use TLS encryption which is calling the InitCrypto() method on the client side.
If you check the docs here:
http://docs2x.smartfoxserver.com/Gettin ... yptography
you'll find a connector Example in Java, which can be applied to Android clients in the same way.
Hope it helps
Re: Examples Android connection using TLS
thanks its very straightforward.
I need to clarify more regarding the port, can we separate the port between android connection and smartfoxserver administration. Like android connection using 9933 and smartfoxserver administration using 9939 ?
I had change smartfoxserver administration to 9939 and leave the socket address 9933 for android, but I can not connect to administration anymore got error can not react x.x.x.x:9939 port
Best Regards,
I need to clarify more regarding the port, can we separate the port between android connection and smartfoxserver administration. Like android connection using 9933 and smartfoxserver administration using 9939 ?
I had change smartfoxserver administration to 9939 and leave the socket address 9933 for android, but I can not connect to administration anymore got error can not react x.x.x.x:9939 port
Best Regards,
Re: Examples Android connection using TLS
After I following the example, I got return error from CRYPTO_INIT event:
java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
The same server I connect using html5 client https connection has no issue. Where do I miss ?
Sorry I need to more clear:
openssl s_client -connect www.somehttpslink.com:8443 --> Ok
but
openssl s_client -connect www.somehttpslink.com:9933 --> Not Ok
CONNECTED(00000194)
write:errno=0
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 344 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
it seem 9933 not cert yet. Where did I miss ?
java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
The same server I connect using html5 client https connection has no issue. Where do I miss ?
Sorry I need to more clear:
openssl s_client -connect www.somehttpslink.com:8443 --> Ok
but
openssl s_client -connect www.somehttpslink.com:9933 --> Not Ok
CONNECTED(00000194)
write:errno=0
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 344 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
it seem 9933 not cert yet. Where did I miss ?
Re: Examples Android connection using TLS
Hi,
the 2nd test you are running on port 9933 will never work because openssl doesn't speak the SFS2X protocol. You can only test HTTPS websites.
To check the integrity of your certificate I would recommend using an SSL diagnostics tool such as this:
https://www.digicert.com/help/
Point the tool to your HTTPS domain and see the results.
If everything is in order I'd suggest you send us the details of your server (IP address and domain) so we can double check. In that case you can contact us directly via our support@... mailbox, adding a reference to this discussion.
Thanks!
the 2nd test you are running on port 9933 will never work because openssl doesn't speak the SFS2X protocol. You can only test HTTPS websites.
To check the integrity of your certificate I would recommend using an SSL diagnostics tool such as this:
https://www.digicert.com/help/
Point the tool to your HTTPS domain and see the results.
If everything is in order I'd suggest you send us the details of your server (IP address and domain) so we can double check. In that case you can contact us directly via our support@... mailbox, adding a reference to this discussion.
Thanks!
Re: Examples Android connection using TLS
thank you, spare me much time that openssl use different protocol with sfs in TLS port 9933
I use the link to check the certificate it ok, support both TLS1.2 and TLS1.3
After some digging, I came across that if I include my cert file in APK folder .\RAW, there is no issue the server do not disconnect me after I connect. But is this a best practice including cert file into APK ?
Best Regards,
I use the link to check the certificate it ok, support both TLS1.2 and TLS1.3
After some digging, I came across that if I include my cert file in APK folder .\RAW, there is no issue the server do not disconnect me after I connect. But is this a best practice including cert file into APK ?
Best Regards,
Re: Examples Android connection using TLS
I have never heard of this before, though I am no Android expert.
Generally speaking I find it strange that you would need to do add the certificate on the client side. Also, we have done different tests with Android apps and never had to do such a thing.
Similarly you don't need to do that for Java apps, which is what an Android app is, essentially. (well, unless you're developing in C++ )
Cheers
Generally speaking I find it strange that you would need to do add the certificate on the client side. Also, we have done different tests with Android apps and never had to do such a thing.
Similarly you don't need to do that for Java apps, which is what an Android app is, essentially. (well, unless you're developing in C++ )
Cheers
Re: Examples Android connection using TLS
ok after some more digging, the difference between staging and production server is the OS, in staging using window 2019 server is not support TLS 1.3, so all android sdk include >=30 using TLS 1.2
While in production we are using win 2022 server already support TLS 1.3 so by default all android communication using TLS 1.3 which not supported by android sdk until >=30
After disable TLS 1.3 in win 2022, the android client works perfectly, hopes this will help others in future
Many thanks LAPO
Best regards,
Sen
While in production we are using win 2022 server already support TLS 1.3 so by default all android communication using TLS 1.3 which not supported by android sdk until >=30
After disable TLS 1.3 in win 2022, the android client works perfectly, hopes this will help others in future
Many thanks LAPO
Best regards,
Sen
Re: Examples Android connection using TLS
Thanks for the update. I am glad you've found the cause of the problem
Cheers
Cheers
Return to “SFS2X Java / Android API”
Who is online
Users browsing this forum: No registered users and 46 guests