Question

如何在Android中的HttpsUrlConnection禁用SSLv3的

Answer 1

调用URL连接之前添加以下行：
java.lang.System.setProperty("https.protocols", "TLSv1");
就可以禁用SSLv3的。

Answer 2

I found the solution for it by analyzing the data packets using wireshark. What I found is that while making a secure connection, android was falling back to SSLv3 from TLSv1 . It is a bug in android versions < 4.4 , and it can be solved by removing the SSLv3 protocol from Enabled Protocols list. I made a custom socketFactory class called NoSSLv3SocketFactory.java. Use this to make a socketfactory.