
Android 设置客户端支持的 TLS 版本号

2016-08-09 08:50 411 查看
    前言:最近在做基于 XMPP 协议的 IM,服务端用的是 OpenFire,客户端用的是 Smack 包。需要启用 TLS 加密,服务端设置为只支持 TLS 1.2,可是开启加密后客户端总是使用 TLS 1.0,不知为何,最终在 stackoverflow 找到答案:http://stackoverflow.com/questions/37815995/android-smack-ssl-tls-connection-to-xmpp-ejabberd-server-with-ca-certificate 。需要注意:TLS 版本只决定协议层的强度,服务器证书校验和主机名校验必须同时保持开启,否则加密连接仍然可能被中间人冒充。

我的代码:

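// Build the TLS context that the XMPP connection will use.
// NOTE(review): the BKS KeyStore created below is never load()-ed in this snippet.
// A trust store has to be loaded with the server's CA certificate before it can
// anchor certificate validation - confirm where that happens, or load it here.
MySSLSocketFactory mySSLSocketFactory;
try {
    KeyStore trustStore = KeyStore.getInstance("BKS");
    mySSLSocketFactory = new MySSLSocketFactory(trustStore, 服务器HOST);
} catch (KeyStoreException | NoSuchAlgorithmException
        | UnrecoverableKeyException | KeyManagementException e) {
    // Fail closed: without a TLS context the connection must not be attempted.
    // (Previously the exception was only printed and the null factory caused a
    // NullPointerException further down.)
    throw new IllegalStateException("Unable to initialise the TLS context for XMPP", e);
}

userName = StringUtils.escapeJIDName(userName);
SmackConfiguration.setDefaultPacketReplyTimeout(30 * 1000);

DomainBareJid serviceName;
try {
    serviceName = JidCreate.domainBareFrom(HttpUrl.getInstante().getEasyLifeHost());
} catch (XmppStringprepException e) {
    // An unparsable service domain cannot produce a usable configuration.
    throw new IllegalStateException("Invalid XMPP service domain", e);
}

mXmpptcpConnectionConfiguration = XMPPTCPConnectionConfiguration.builder()
        .setServiceName(serviceName)
        .setHost(HttpUrl.getInstante().getEasyLifeHost())
        .setPort(5222)
        // .setResource("Android")
        .setUsernameAndPassword(userName, password)
        .setSendPresence(isPresence)
        // NOTE(review): the Smack debugger prints the raw XMPP stream, which can
        // include the authentication exchange and message bodies. Keep it off in
        // release builds.
        .setDebuggerEnabled(true)
        // TLS is mandatory; the connection fails rather than falling back to plaintext.
        .setSecurityMode(SecurityMode.required)
        .setCompressionEnabled(false)
        .setConnectTimeout(30 * 1000)
        .setCustomSSLContext(mySSLSocketFactory.getSSLContext())
        // Use the platform hostname verifier (on Android it checks the certificate's
        // names against the host). A verifier that always returns true would accept
        // a certificate issued for any other host and defeats TLS authentication.
        .setHostnameVerifier(javax.net.ssl.HttpsURLConnection.getDefaultHostnameVerifier())
        // Offer TLS 1.2 only: the server accepts nothing else, and TLS 1.0/1.1 are
        // deprecated (RFC 8996), so offering them only widens the downgrade surface.
        .setEnabledSSLProtocols(new String[]{"TLSv1.2"})
        .build();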
import org.apache.http.conn.ssl.SSLSocketFactory;

import java.io.IOException;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

public class MySSLSocketFactory extends SSLSocketFactory {

// TLS context exposed through getSSLContext(); its trust managers are installed by
// the constructor. SSLContext.getInstance may throw NoSuchAlgorithmException, which
// the constructor declares.
private SSLContext sslContext = SSLContext.getInstance("TLS");

// Copy of the constructor's url argument; nothing in the visible code reads it.
private String baseUrl;

/**
 * Creates the factory and initialises {@code sslContext} with a single trust manager.
 *
 * <p>The platform "X509" trust manager built from {@code truststore} is wrapped in a
 * {@link MyX509TrustManager}; that wrapper's {@code checkServerTrusted} decides which
 * server certificate chains the resulting context accepts.
 *
 * @param truststore key store holding the trusted CA certificates; it is passed to
 *                   both the superclass and the {@link TrustManagerFactory}
 *                   (NOTE(review): presumably it must already be loaded - confirm
 *                   against the caller)
 * @param url        stored in {@code baseUrl}; not otherwise used here
 */
public MySSLSocketFactory(KeyStore truststore, String url)
        throws NoSuchAlgorithmException, KeyManagementException,
        KeyStoreException, UnrecoverableKeyException {
    super(truststore);

    this.baseUrl = url;

    // Ask the platform for the X509 trust managers backed by the supplied store.
    TrustManagerFactory factory = TrustManagerFactory.getInstance("X509");
    factory.init(truststore);
    TrustManager[] platformManagers = factory.getTrustManagers();

    // The first entry is taken as the X509 implementation and wrapped.
    X509TrustManager platformX509 = (X509TrustManager) platformManagers[0];
    TrustManager[] wrapped = new TrustManager[]{new MyX509TrustManager(platformX509)};

    // No client key managers and the default SecureRandom.
    sslContext.init(null, wrapped, null);
}

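/**
 * Layers a TLS socket from {@code sslContext} over an existing socket.
 *
 * @param socket    the already-created socket to wrap
 * @param host      peer host name passed to the underlying socket factory
 * @param port      peer port passed to the underlying socket factory
 * @param autoClose whether closing the TLS socket also closes {@code socket}
 * @return the TLS socket, restricted to TLS 1.2
 * @throws IOException if the underlying factory cannot create the socket
 */
public Socket createSocket(Socket socket, String host, int port,
        boolean autoClose) throws IOException, UnknownHostException {
    SSLSocket sslSocket = (SSLSocket) sslContext.getSocketFactory()
            .createSocket(socket, host, port, autoClose);
    // Enable TLS 1.2 explicitly: some older Android releases support it but leave it
    // disabled on client sockets. TLS 1.0 and 1.1 are deprecated (RFC 8996) and are
    // no longer offered, so a peer cannot negotiate the connection down to them.
    sslSocket.setEnabledProtocols(new String[]{"TLSv1.2"});
    return sslSocket;
}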

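/**
 * Creates an unconnected TLS socket from {@code sslContext}.
 *
 * @return the TLS socket, restricted to TLS 1.2
 * @throws IOException if the underlying factory cannot create the socket
 */
public Socket createSocket() throws IOException {
    SSLSocket sslSocket = (SSLSocket) sslContext.getSocketFactory().createSocket();
    // Enable TLS 1.2 explicitly: some older Android releases support it but leave it
    // disabled on client sockets. TLS 1.0 and 1.1 are deprecated (RFC 8996) and are
    // no longer offered, so a peer cannot negotiate the connection down to them.
    sslSocket.setEnabledProtocols(new String[]{"TLSv1.2"});
    return sslSocket;
}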

/**
 * Exposes the TLS context that the constructor initialised.
 *
 * @return this factory's {@link SSLContext}
 */
public SSLContext getSSLContext() {
    return this.sslContext;
}

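/**
 * Trust manager that wraps another {@link X509TrustManager} and forwards server
 * certificate validation to it.
 *
 * <p>The previous version left {@code checkServerTrusted} empty, so every
 * certificate chain was accepted and the wrapped trust manager was never consulted.
 * With validation skipped, anyone able to intercept the connection can present their
 * own certificate and the TLS session no longer authenticates the server.
 */
public class MyX509TrustManager implements X509TrustManager {

    // The trust manager that actually holds the trust anchors.
    private final X509TrustManager tm;

    /**
     * @param tm the trust manager to delegate to; must not be {@code null}
     * @throws IllegalArgumentException if {@code tm} is {@code null}
     */
    public MyX509TrustManager(X509TrustManager tm) {
        if (tm == null) {
            // Fail at construction instead of silently running without validation.
            throw new IllegalArgumentException("tm must not be null");
        }
        this.tm = tm;
    }

    /**
     * @return the issuers accepted by the wrapped trust manager
     */
    public X509Certificate[] getAcceptedIssuers() {
        // The TLS stack may call this during a handshake, so it must not throw.
        return tm.getAcceptedIssuers();
    }

    /**
     * Not supported: this trust manager is meant for the client side of a connection.
     *
     * @throws UnsupportedOperationException always
     */
    public void checkClientTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        throw new UnsupportedOperationException();
    }

    /**
     * Validates the server's certificate chain with the wrapped trust manager.
     *
     * @param chain    the certificate chain presented by the server
     * @param authType the key exchange algorithm in use
     * @throws CertificateException if the wrapped trust manager rejects the chain
     */
    public void checkServerTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        tm.checkServerTrusted(chain, authType);
    }
}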