
android-developer-preview - issue #328
SSL failure (SSLHandshakeException due to ASN1 errors in OpenSSL)
Observed on a Nexus 5 running LPV79.
I have an app making https requests, and it always results in these logcat errors:
06-30 00:09:07.934: W/Jetty(18234): javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake terminated: ssl=0xb9f3f078: Failure in SSL library, usually a protocol error
06-30 00:09:07.934: W/Jetty(18234): error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag (external/openssl/crypto/asn1/tasn_dec.c:1319 0x9cf6e0f1:0x00000000)
06-30 00:09:07.934: W/Jetty(18234): error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (external/openssl/crypto/asn1/tasn_dec.c:381 0xb9623b50:0x00000003)
06-30 00:09:07.934: W/Jetty(18234): error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error (external/openssl/crypto/asn1/tasn_dec.c:711 0x9cf6e0f1:0x00000000)
06-30 00:09:07.934: W/Jetty(18234): error:0D08403A:asn1 encoding routines:ASN1_TEMPLATE_EX_D2I:nested asn1 error (external/openssl/crypto/asn1/tasn_dec.c:579 0xba0bc7c8:0x00000003)
06-30 00:09:07.934: W/Jetty(18234): error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error (external/openssl/crypto/asn1/tasn_dec.c:751 0xb961a7b0:0x00000003)
06-30 00:09:07.934: W/Jetty(18234): error:1409000D:SSL routines:SSL3_GET_SERVER_CERTIFICATE:ASN1 lib (external/openssl/ssl/s3_clnt.c:1219 0x9cf6e0f1:0x00000000)
The exact same code works fine on Android versions other than L. Possible OpenSSL bug?
The https requests are made by Jetty's ProxyServlet, proxying an http URI to an https one.
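Editor's added example (not part of the original report or of the Android or Jetty code): a small Python triage helper that parses the OpenSSL error-queue entries out of logcat text like the above and decodes each 32-bit code with the OpenSSL 1.0.x lib/function/reason packing. In this log the first entry is the innermost ASN.1 failure and the last names the handshake step that aborted; the function names and the `SAMPLE` excerpt layout are choices made for this example.

```python
import re

# OpenSSL 1.0.x packs each code as lib (8 bits) | function (12 bits) | reason (12 bits).
# Only the two library numbers that occur in this report are named.
LIBS = {0x0D: "asn1 encoding routines", 0x14: "SSL routines"}

ENTRY = re.compile(
    r"error:(?P<code>[0-9A-Fa-f]{8}):(?P<lib>[^:]+):(?P<func>[^:]+):"
    r"(?P<reason>.+?) \((?P<file>[^\s:]+):(?P<line>\d+) "
)

# Three of the entries from the logcat output in the report above.
SAMPLE = (
    "W/Jetty(18234): error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag "
    "(external/openssl/crypto/asn1/tasn_dec.c:1319 0x9cf6e0f1:0x00000000)\n"
    "W/Jetty(18234): error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error "
    "(external/openssl/crypto/asn1/tasn_dec.c:381 0xb9623b50:0x00000003)\n"
    "W/Jetty(18234): error:1409000D:SSL routines:SSL3_GET_SERVER_CERTIFICATE:ASN1 lib "
    "(external/openssl/ssl/s3_clnt.c:1219 0x9cf6e0f1:0x00000000)\n"
)

def parse_error_queue(text):
    """Return the OpenSSL error entries found in logcat text, in log order."""
    entries = []
    for m in ENTRY.finditer(text):
        code = int(m["code"], 16)
        entries.append({
            "lib": code >> 24,
            "func": (code >> 12) & 0xFFF,
            "reason": code & 0xFFF,
            "lib_name": m["lib"], "func_name": m["func"], "reason_text": m["reason"],
            "source": f'{m["file"]}:{m["line"]}',
        })
    return entries

def summarize(entries):
    """First entry: where decoding failed. Last entry: the handshake step that gave up."""
    if not entries:
        return None
    root, outer = entries[0], entries[-1]
    return {
        "root_cause": f'{root["func_name"]}: {root["reason_text"]} ({root["source"]})',
        "failed_in": outer["func_name"],
        # Cross-check: the decoded library number agrees with the text in the log line.
        "codes_match_text": all(LIBS.get(e["lib"]) == e["lib_name"] for e in entries),
    }

if __name__ == "__main__":
    print(summarize(parse_error_queue(SAMPLE)))
```

For this report the summary points at an ASN.1 "wrong tag" decode error raised while the client was processing the server's certificate message.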
Comment #1
Posted on Jul 7, 2014 by Massive Kangaroo
Thank you for reporting this issue. For us to be able to investigate this issue it would be helpful if you could provide the following additional information:
SDK version: Which version of the SDK are you using?
Steps to reproduce: What steps do others need to take in order to reproduce the issue themselves?
Expected output: What do you expect to occur?
Current output: What do you see instead?
Android bug report: Press the volume up, volume down, and power buttons simultaneously. This will capture a bug report on your device in the “bug reports” directory. Attach this file to this issue.
Alternate method: In developer settings, ensure that ‘USB debugging’ is enabled, then enable bug report shortcut. To take bug report, hold the power button and select the ‘Take bug report’ option.
Screen capture of the issue: Press the volume down and power buttons simultaneously. The image will appear in your gallery. Attach the screenshot file to this issue.
Comment #2
Posted on Sep 30, 2014 by Happy Panda
Thank you for reporting this issue. We have passed this on to the development team and will update this issue with more information as it becomes available.
Comment #3
Posted on Oct 10, 2014 by Happy Panda
The development team is requesting a bug report. It can be grabbed from adb with the following command:
adb bugreport > bugreport.txt
Comment #4
Posted on Oct 10, 2014 by Happy Monkey
I uninstalled the L preview long ago, so I no longer have this information.
Comment #5
Posted on Oct 18, 2014 by Happy Monkey
Still happening on the Nexus 5 LPX13D preview.
I could isolate it in a small project: http://bubblesoftapps.com/LolHttpsIssue.zip
The project fetches a https URL using Jetty 7's HttpClient (https://wiki.eclipse.org/Jetty/Tutorial/HttpClient).
The SSLHandshakeException only happens when using the "Selecting NIO connector" (see code below). The request is performed fine using the "Socket Connector", which for me is the workaround. This may look like an HttpClient bug, but I really advise checking whether it is a Lollipop regression regarding TLS, as it worked with previous versions of Android.
Here's the main code snippet from the attached project to give a better idea of what it does:
StrictMode.setThreadPolicy(ThreadPolicy.LAX);
HttpClient client = new HttpClient();
// see: https://wiki.eclipse.org/Jetty/Howto/Configure_Connectors
//client.setConnectorType(HttpClient.CONNECTOR_SOCKET); // always works, uses sockets
client.setConnectorType(HttpClient.CONNECTOR_SELECT_CHANNEL); // uses NIO buffers. Will trigger a SSLHandshakeException on Lollipop. Works on KitKat and previous versions
try {
    client.start();
    HttpExchange exchange = new HttpExchange() {
        protected void onResponseComplete() throws IOException {
            Log.i(TAG, "request complete!");
        }
    };
    exchange.setMethod("GET");
    exchange.setURL("https://play.google.com"); // it doesn't matter what https URL is here
    client.send(exchange); // start download of URL
    Log.i(TAG, "request sent");
} catch (Exception e) {
    Log.e(TAG, "failed to execute request: " + e);
    return;
}
Comment #6
Posted on Oct 20, 2014 by Happy Panda
Thank you for this additional information. We will pass this along to the development team and provide updates as they are available.
Comment #7
Posted on Oct 20, 2014 by Happy Monkey
This issue may also be the cause of https://code.google.com/p/android-developer-preview/issues/detail?id=1611
Comment #8
Posted on Nov 11, 2014 by Massive Rabbit
Any word on this? I am still getting this error on an AOSP build.
Comment #9
Posted on Nov 18, 2014 by Helpful Wombat
(No comment was entered for this change.)
Comment #10
Posted on May 28, 2015 by Helpful Wombat
(No comment was entered for this change.)
Status: PreviousRelease
Labels:
Type-Defect
defect-17724332
Restrict-AddIssueComment-Commit