Comments (6)
Hey @crocoM4,
Thanks for opening this issue. We're aware of issues with the SSL implementation on that particular Samsung device that will prevent the device from communicating with Braintree's servers. Note also that later this year, Braintree will be completely dropping support for all security protocols lower than TLS 1.2, as required by PCI regulations. See this article for more information on the industry's transition to newer security protocols. Would you mind trying your integration on a newer device or emulator and letting us know if you're still experiencing issues?
from braintree-android-drop-in.
The SDK has had TLS 1.2 enabled on API 16-19 devices for quite some time.
We've heard of this issue occurring on a very small number of devices, but have never been able to get a device that reproduces this. We suspect an implementation bug on the devices that always tries to use SSLv3 and won't fallback to other methods if the server does not support SSLv3.
As a quick test, if you put this code in your app and run it on the Samsung S7390 that is currently returning the error you should get some log output that may be useful in tracking this down.
try {
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, null, null);
SocketFactory socketFactory = sslContext.getSocketFactory();
String[] supportedProtocols = ((SSLSocket) socketFactory.createSocket()).getSupportedProtocols();
for (String protocol : supportedProtocols) {
Log.d("SSL-TEST", "Supported SSL protocol: " + protocol);
}
} catch (Exception e) {
Log.d("SSL-TEST", e.getMessage());
}
from braintree-android-drop-in.
Hi @sdcoffey,
thanks for reply.
I have test my app on a THL T6C Android 5.1 API 22 and it work.
I try even on a Samsung S4 Android 4.4.2 API 19 and it worked but, i think, because that device is rooted, maybe on other API 19 device it doesn't work.
In android documentation said that the TLS 1.2 is supported by 16+ API device but is enable by default from API 20+ .
I search a method to enable it and i fonud this solution , create a custom SSLSocketFactory and than pass to a OkHttpClient.
There is a possibilty to integrate that method and make calls to Braintree's servers?
There is any a workaround to make it work?
from braintree-android-drop-in.
Hi @lkorth
i put your code in my MainActivity in the onCreate method.
here the log that i get:
05-04 17:30:10.384 5795-5795/com.example.prova D/SSL-TEST: Supported SSL protocol: SSLv3
05-04 17:30:10.384 5795-5795/com.example.prova D/SSL-TEST: Supported SSL protocol: TLSv1
05-04 17:30:10.384 5795-5795/com.example.prova D/SSL-TEST: Supported SSL protocol: TLSv1.1
05-04 17:30:10.384 5795-5795/com.example.prova D/SSL-TEST: Supported SSL protocol: TLSv1.2
if you need more tests or info just let me know.
Thanks for the reply and the explanations
from braintree-android-drop-in.
After a lot of search i found a solution that worked for me, in my code i added this:
ProviderInstaller.installIfNeeded(getApplicationContext());
here google documentation
For now I' dont get the exception and the drop-in ui work just fine.
from braintree-android-drop-in.
Thanks for sharing your fix!
It sounds like this may be similar to paypal/PayPal-Android-SDK#341 and something in Google Play services is swapping the SSL implementation. Calling ProviderInstaller#installIfNeeded
may be resetting it.
from braintree-android-drop-in.
Related Issues (20)
- Regarding integrating both DropIn and Paypal as standlone option HOT 6
- Can't Initialize Drop In Client HOT 16
- Layout and Inflate Errors HOT 12
- PayPal flow errors with UserCanceled error on returning to the Drop In. HOT 11
- Attempt to read from field 'java.lang.String com.cardinalcommerce.a.td.d' HOT 2
- Get reject by google play due to violation of User Data policy HOT 1
- AddCardFragment crashes upon device rotation with NullPointerException HOT 2
- Drop In wont able back to app HOT 10
- NullPointerException upon returning to app HOT 4
- Paypal payments end with 'User cancelled dropin' HOT 3
- Cardinal SDK configure Error HOT 2
- How set amount of money HOT 1
- Drop in probably stores payment data HOT 2
- Change Language Programmatically in braintree android dropin sdk HOT 3
- Google Play Console warning regarding com.braintreepayments.api:data-collector HOT 6
- Nonce is already consumed HOT 2
- Get Rejected by Google Play because of Violation of User Data, Permissions and APIs that Access Sensitive Information policy HOT 2
- Gradle wrapper jar not recognized by Gradle Wrapper Validation Action HOT 1
- Google is warning removal from Play Store because of Violation of User Data, Permissions and APIs that Access Sensitive Information policies HOT 16
- Upgrade braintree_android to 4.41.0 HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from braintree-android-drop-in.