View Issue Details

IDProjectCategoryView StatusLast Update
0001397MantisDroid[All Projects] Taskpublic2018-08-23 11:55
Reportere7andyAssigned Toe7andy 
PriorityimmediateSeverityblockReproducibilityalways
Status closedResolutionfixed 
Product Version 
Target Version2.7Fixed in Version2.7 
Summary0001397: Add support for TLS 1.2
DescriptionSupport for TLS 1.2 was added in API version 16+.
Change minSdkVersion to 16.

Enable support for TLS 1.2 in the code.
See:
https://groups.google.com/forum/#!topic/ksoap2-android/x2ns8t1htdM
http://stackoverflow.com/questions/28943660/how-to-enable-tls-1-2-support-in-an-android-application-running-on-android-4-1

http://simpligility.github.io/ksoap2-android/getting-started.html

From a mail discussion:
"I've tested your installation and it looks fine. It is probably something with the TLS certificate. I'm also using TLS 1.2 certificates from Let's Encrypt and it works just fine, but there is something strange here. The main difference between my server and yours is that you are running nginx and I'm running Apache.

Ok, I might have an idea now. The cipher suites supported by your nginx server is just TLS_ECDHE_RSA_WITH_AES_*
Here is a list of supported cipher suites and when they were enabled:
https://developer.android.com/reference/javax/net/ssl/SSLEngine
The cipher suite that your web server is supporting was enabled from API version 20 which is Android Lollipop v.5.0 and higher.

The app is using API 16 which was when TLS 1.2 was supported (which was the last fix). That was apparently just half true since not all ciphers were supported.

What I have to do is to move up the minimum API requirement to at least 20.
Unfortunately I'm in the middle of a migration from Eclipse development environment to Android Studio so no new builds can currently not be made. Google has stopped supporting Eclipse so I can't do any builds until the migration is completed. The migration is my main project right now so I will hopefully be done in a few weeks."
TagsNo tags attached.

Activities

e7andy

2016-12-10 17:34

administrator   ~0000297

Just changing the minSdkVersion to 16 is not enough. There needs to be more changed in the code to make the app work with TLS 1.2.

Issue History

Date Modified Username Field Change
2016-06-08 16:57 e7andy New Issue
2016-06-08 16:57 e7andy Status new => assigned
2016-06-08 16:57 e7andy Assigned To => e7andy
2016-06-08 17:08 e7andy Status assigned => resolved
2016-06-08 17:08 e7andy Fixed in Version => 2.7
2016-06-08 17:08 e7andy Resolution open => fixed
2016-09-19 10:46 e7andy Status resolved => assigned
2016-09-19 10:47 e7andy Fixed in Version 2.7 =>
2016-12-10 17:34 e7andy Note Added: 0000297
2017-02-07 11:03 e7andy Priority normal => urgent
2017-02-07 11:03 e7andy Severity minor => block
2017-02-07 11:03 e7andy Reproducibility have not tried => always
2017-02-07 11:03 e7andy Resolution fixed => open
2017-02-07 11:03 e7andy Description Updated View Revisions
2018-08-16 15:28 e7andy Priority urgent => immediate
2018-08-16 15:28 e7andy Description Updated View Revisions
2018-08-20 20:19 e7andy Status assigned => resolved
2018-08-20 20:19 e7andy Resolution open => fixed
2018-08-20 20:19 e7andy Fixed in Version => 2.7
2018-08-23 11:55 e7andy Status resolved => closed