SSL problem on earlier versions of Android

It has been brought to my attention that the hosting service may require Android 5.0 (Lollipop) or above, and not Android 4.0 (KitKat), as previously stated.

This is because of a bug in SSL support, in earlier versions of Android. The site switched to SSL some time ago, because of pressure from Apple and others.

We may try to fix this, or we may take the opportunity to implement Material design. The statistics are now 11% of Android 4.4 users, and 5% of users running earlier versions of Android.

Any device purchased in the last 5 years should be OK.

Update

A user has submitted the following error message:

File I/0 error: javax.net.ssl.SSLProtocolException: SSL
handshake aborted: ssl-0x605cba30: Failure in SSL library,
usually a protocol error
error: 14077410:SSL routines:SSL23_GET SERVER HELLO:sslv3
alert handshake failure (external/openssl/ssl/s23_clnt.c:74-4
0x5f16c6fd:0x00000000)

I have found a possible fix. I will give it a go, but I do not understand it very well, and I have no idea whether it will work.

Later

I managed to test the patch on an emulator, and it works! So I will be rolling it out shortly as version 6.2.2.

Aftermath

  • The patch is perfectly reasonable, even if I do not fully understand it. The important point was that I was able to test it on an emulator.
  • The fact that the patch is only necessary on older versions of Android suggests that they may not be quite as well supported as newer ones.
  • With 16% of users running Android 4.4 or earlier, the stats still do not justify ditching support for it.

Author: Philip Sheard

Philip Sheard has been working in IT for over 40 years, and on this project for the last 20. His current skills include Java, Android, Objective-C, iOS, PHP, MySQL, ASP.Net, SQL Server, HTML, CSS, Apache and WordPress.