Description
Android 4.4 and older devices fail to connect to onesignal.com and print the following SSL error in the logcat:
2021-10-25 18:22:29.410 7613-7718/com.onesignal.sdktest W/OneSignal: OneSignalRestClient: null Error thrown from network stack.
javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x55870ae8: Failure in SSL library, usually a protocol error
error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol (external/openssl/ssl/s23_clnt.c:714 0x52adcd5c:0x00000000)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:448)
at com.android.okhttp.Connection.upgradeToTls(Connection.java:146)
at com.android.okhttp.Connection.connect(Connection.java:107)
at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:294)
at com.android.okhttp.internal.http.HttpEngine.sendSocketRequest(HttpEngine.java:255)
at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:206)
at com.android.okhttp.internal.http.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:345)
at com.android.okhttp.internal.http.HttpURLConnectionImpl.getResponse(HttpURLConnectionImpl.java:296)
at com.android.okhttp.internal.http.HttpURLConnectionImpl.getResponseCode(HttpURLConnectionImpl.java:503)
at com.android.okhttp.internal.http.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:136)
at com.onesignal.OneSignalRestClient.startHTTPConnection(OneSignalRestClient.java:183)
at com.onesignal.OneSignalRestClient.access$100(OneSignalRestClient.java:44)
at com.onesignal.OneSignalRestClient$4.run(OneSignalRestClient.java:112)
at java.lang.Thread.run(Thread.java:841)
Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x55870ae8: Failure in SSL library, usually a protocol error
error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol (external/openssl/ssl/s23_clnt.c:714 0x52adcd5c:0x00000000)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:405)
... 13 more(NOTE: This does not cause a crash, but the device does not register for push with OneSignal)
This is due to onesignal.com only supporting TLS 1.2 and newer.
https://www.ssllabs.com/ssltest/analyze.html?d=onesignal.com&s=104.18.225.52&latest
Solution
Enable TLS 1.2
TLS 1.2 is support by Android API 16+ (Android 4.1+) but is only enabled by default if the device is running Android API 20+ (devices with Android 5.0 or newer).
TLS 1.2 can be enabled on API 16+ (Android 4.1+) with code in the app in one of the following ways:
Environment
OneSignal-Android-SDK 4.6.1 running on an Android 4.4 device.
Steps to Reproduce Issue
- Start app on any Android 4.4 or older device
- Observer it never registers to onesignal.com and print SSL errors to onesignal.com in the logcat.
Description
Android 4.4 and older devices fail to connect to onesignal.com and print the following SSL error in the logcat:
(NOTE: This does not cause a crash, but the device does not register for push with OneSignal)
This is due to onesignal.com only supporting TLS 1.2 and newer.
https://www.ssllabs.com/ssltest/analyze.html?d=onesignal.com&s=104.18.225.52&latest
Solution
Enable TLS 1.2
TLS 1.2 is support by Android API 16+ (Android 4.1+) but is only enabled by default if the device is running Android API 20+ (devices with Android 5.0 or newer).
TLS 1.2 can be enabled on API 16+ (Android 4.1+) with code in the app in one of the following ways:
Environment
OneSignal-Android-SDK 4.6.1 running on an Android 4.4 device.
Steps to Reproduce Issue