Examples Android connection using TLS

Post here your questions about the Java client / Android API for SFS2X

Moderators: Lapo, Bax

tanaelt
Posts: 5
Joined: 22 Oct 2021, 07:39

Examples Android connection using TLS

Postby tanaelt » 23 Mar 2022, 13:04

hi,

Is there a full examples how Android Client connect using TLS, the default Android examples is using TCP I believed.

I had setup a server using valid certificate SSL and HTML5 client successfully connect using Https address not IP.


How to do this in Android client ?


Best regards
Sen
User avatar
Lapo
Site Admin
Posts: 22999
Joined: 21 Mar 2005, 09:50
Location: Italy

Re: Examples Android connection using TLS

Postby Lapo » 23 Mar 2022, 17:17

Hi,
all Android (or Java) clients use TCP/UDP to talk to SFS2X.
There is only one extra step to add when you want to use TLS encryption which is calling the InitCrypto() method on the client side.

If you check the docs here:
http://docs2x.smartfoxserver.com/Gettin ... yptography
you'll find a connector Example in Java, which can be applied to Android clients in the same way.

Hope it helps
Lapo
--
gotoAndPlay()
...addicted to flash games
hng
Posts: 30
Joined: 01 Nov 2021, 18:17

Re: Examples Android connection using TLS

Postby hng » 24 Mar 2022, 05:52

thanks its very straightforward.

I need to clarify more regarding the port, can we separate the port between android connection and smartfoxserver administration. Like android connection using 9933 and smartfoxserver administration using 9939 ?

I had change smartfoxserver administration to 9939 and leave the socket address 9933 for android, but I can not connect to administration anymore got error can not react x.x.x.x:9939 port



Best Regards,
hng
Posts: 30
Joined: 01 Nov 2021, 18:17

Re: Examples Android connection using TLS

Postby hng » 24 Mar 2022, 07:23

After I following the example, I got return error from CRYPTO_INIT event:

java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

The same server I connect using html5 client https connection has no issue. Where do I miss ?

Sorry I need to more clear:

openssl s_client -connect www.somehttpslink.com:8443 --> Ok
but
openssl s_client -connect www.somehttpslink.com:9933 --> Not Ok

CONNECTED(00000194)
write:errno=0
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 344 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)


it seem 9933 not cert yet. Where did I miss ?
User avatar
Lapo
Site Admin
Posts: 22999
Joined: 21 Mar 2005, 09:50
Location: Italy

Re: Examples Android connection using TLS

Postby Lapo » 24 Mar 2022, 08:38

Hi,
the 2nd test you are running on port 9933 will never work because openssl doesn't speak the SFS2X protocol. You can only test HTTPS websites.
To check the integrity of your certificate I would recommend using an SSL diagnostics tool such as this:
https://www.digicert.com/help/

Point the tool to your HTTPS domain and see the results.
If everything is in order I'd suggest you send us the details of your server (IP address and domain) so we can double check. In that case you can contact us directly via our support@... mailbox, adding a reference to this discussion.

Thanks!
Lapo

--

gotoAndPlay()

...addicted to flash games
hng
Posts: 30
Joined: 01 Nov 2021, 18:17

Re: Examples Android connection using TLS

Postby hng » 24 Mar 2022, 14:40

thank you, spare me much time that openssl use different protocol with sfs in TLS port 9933

I use the link to check the certificate it ok, support both TLS1.2 and TLS1.3

After some digging, I came across that if I include my cert file in APK folder .\RAW, there is no issue the server do not disconnect me after I connect. But is this a best practice including cert file into APK ?


Best Regards,
User avatar
Lapo
Site Admin
Posts: 22999
Joined: 21 Mar 2005, 09:50
Location: Italy

Re: Examples Android connection using TLS

Postby Lapo » 25 Mar 2022, 16:40

I have never heard of this before, though I am no Android expert.
Generally speaking I find it strange that you would need to do add the certificate on the client side. Also, we have done different tests with Android apps and never had to do such a thing.

Similarly you don't need to do that for Java apps, which is what an Android app is, essentially. (well, unless you're developing in C++ :D )

Cheers
Lapo

--

gotoAndPlay()

...addicted to flash games
hng
Posts: 30
Joined: 01 Nov 2021, 18:17

Re: Examples Android connection using TLS

Postby hng » 28 Mar 2022, 09:39

ok after some more digging, the difference between staging and production server is the OS, in staging using window 2019 server is not support TLS 1.3, so all android sdk include >=30 using TLS 1.2

While in production we are using win 2022 server already support TLS 1.3 so by default all android communication using TLS 1.3 which not supported by android sdk until >=30

After disable TLS 1.3 in win 2022, the android client works perfectly, hopes this will help others in future


Many thanks LAPO


Best regards,
Sen
User avatar
Lapo
Site Admin
Posts: 22999
Joined: 21 Mar 2005, 09:50
Location: Italy

Re: Examples Android connection using TLS

Postby Lapo » 28 Mar 2022, 14:50

Thanks for the update. I am glad you've found the cause of the problem :)

Cheers
Lapo

--

gotoAndPlay()

...addicted to flash games

Return to “SFS2X Java / Android API”

Who is online

Users browsing this forum: No registered users and 6 guests