SSLSocket Class

The extension of Socket providing secure protocols like SSL (Secure Sockets Layer) or TLS (Transport Layer Security).

Syntax

[Android.Runtime.Register("javax/net/ssl/SSLSocket", DoNotGenerateAcw=true)]
public abstract class SSLSocket : Java.Net.Socket

Remarks

The extension of Socket providing secure protocols like SSL (Secure Sockets Layer) or TLS (Transport Layer Security).

Default configuration

SSLSocket instances obtained from default Javax.Net.Ssl.SSLSocketFactory, Javax.Net.Ssl.SSLServerSocketFactory, and Javax.Net.Ssl.SSLContext are configured as follows:

Protocols

Client socket:
Protocol Supported (API Levels) Enabled by default (API Levels)
SSLv3 1+ 1+
TLSv1 1+ 1+
TLSv1.1 16+ 20+
TLSv1.2 16+ 20+

Protocol	Supported (API Levels)	Enabled by default (API Levels)
SSLv3	1+	1+
TLSv1	1+	1+
TLSv1.1	16+	20+
TLSv1.2	16+	20+

Server socket:
Protocol Supported (API Levels) Enabled by default (API Levels)
SSLv3 1+ 1+
TLSv1 1+ 1+
TLSv1.1 16+ 16+
TLSv1.2 16+ 16+

Protocol	Supported (API Levels)	Enabled by default (API Levels)
SSLv3	1+	1+
TLSv1	1+	1+
TLSv1.1	16+	16+
TLSv1.2	16+	16+

Cipher suites

Methods that operate with cipher suite names (for example, SSLSocket.GetSupportedCipherSuites, SSLSocket.SetEnabledCipherSuites(String[])) have used standard names for cipher suites since API Level 9, as listed in the table below. Prior to API Level 9, non-standard (OpenSSL) names had been used (see the table following this table).
Cipher suite Supported (API Levels) Enabled by default (API Levels)
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA 9+ 9-19
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA 9+ 9-19
SSL_DHE_DSS_WITH_DES_CBC_SHA 9+ 9-19
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA 9+ 9-19
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA 9+ 9-19
SSL_DHE_RSA_WITH_DES_CBC_SHA 9+ 9-19
SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA 9+
SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 9+
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA 9+
SSL_DH_anon_WITH_DES_CBC_SHA 9+
SSL_DH_anon_WITH_RC4_128_MD5 9+
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA 9+ 9-19
SSL_RSA_EXPORT_WITH_RC4_40_MD5 9+ 9-19
SSL_RSA_WITH_3DES_EDE_CBC_SHA 9+ 9-19
SSL_RSA_WITH_DES_CBC_SHA 9+ 9-19
SSL_RSA_WITH_NULL_MD5 9+
SSL_RSA_WITH_NULL_SHA 9+
SSL_RSA_WITH_RC4_128_MD5 9+ 9-19
SSL_RSA_WITH_RC4_128_SHA 9+ 9+
TLS_DHE_DSS_WITH_AES_128_CBC_SHA 9+ 9+
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 20+
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 20+
TLS_DHE_DSS_WITH_AES_256_CBC_SHA 9+ 11+
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 20+
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 20+
TLS_DHE_RSA_WITH_AES_128_CBC_SHA 9+ 9+
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 20+
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 20+ 20+
TLS_DHE_RSA_WITH_AES_256_CBC_SHA 9+ 11+
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 20+
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 20+ 20+
TLS_DH_anon_WITH_AES_128_CBC_SHA 9+
TLS_DH_anon_WITH_AES_128_CBC_SHA256 20+
TLS_DH_anon_WITH_AES_128_GCM_SHA256 20+
TLS_DH_anon_WITH_AES_256_CBC_SHA 9+
TLS_DH_anon_WITH_AES_256_CBC_SHA256 20+
TLS_DH_anon_WITH_AES_256_GCM_SHA384 20+
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 11+ 11-19
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 11+ 11+
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 20+
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 20+ 20+
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 11+ 11+
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 20+
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 20+ 20+
TLS_ECDHE_ECDSA_WITH_NULL_SHA 11+
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 11+ 11+
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 21+ 21+
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 21+ 21+
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 11+ 11-19
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 11+ 11+
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 20+
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 20+ 20+
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 11+ 11+
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 20+
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 20+ 20+
TLS_ECDHE_RSA_WITH_NULL_SHA 11+
TLS_ECDHE_RSA_WITH_RC4_128_SHA 11+ 11+
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 11+ 11-19
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 11+ 11-19
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 20+
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 20+
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 11+ 11-19
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 20+
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 20+
TLS_ECDH_ECDSA_WITH_NULL_SHA 11+
TLS_ECDH_ECDSA_WITH_RC4_128_SHA 11+ 11-19
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 11+ 11-19
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 11+ 11-19
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 20+
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 20+
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 11+ 11-19
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 20+
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 20+
TLS_ECDH_RSA_WITH_NULL_SHA 11+
TLS_ECDH_RSA_WITH_RC4_128_SHA 11+ 11-19
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA 11+
TLS_ECDH_anon_WITH_AES_128_CBC_SHA 11+
TLS_ECDH_anon_WITH_AES_256_CBC_SHA 11+
TLS_ECDH_anon_WITH_NULL_SHA 11+
TLS_ECDH_anon_WITH_RC4_128_SHA 11+
TLS_EMPTY_RENEGOTIATION_INFO_SCSV 11+ 11+
TLS_FALLBACK_SCSV 21+
TLS_PSK_WITH_3DES_EDE_CBC_SHA 21+
TLS_PSK_WITH_AES_128_CBC_SHA 21+ 21+
TLS_PSK_WITH_AES_256_CBC_SHA 21+ 21+
TLS_PSK_WITH_RC4_128_SHA 21+
TLS_RSA_WITH_AES_128_CBC_SHA 9+ 9+
TLS_RSA_WITH_AES_128_CBC_SHA256 20+
TLS_RSA_WITH_AES_128_GCM_SHA256 20+ 20+
TLS_RSA_WITH_AES_256_CBC_SHA 9+ 11+
TLS_RSA_WITH_AES_256_CBC_SHA256 20+
TLS_RSA_WITH_AES_256_GCM_SHA384 20+ 20+
TLS_RSA_WITH_NULL_SHA256 20+

Cipher suite	Supported (API Levels)	Enabled by default (API Levels)
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA	9+	9-19
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA	9+	9-19
SSL_DHE_DSS_WITH_DES_CBC_SHA	9+	9-19
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA	9+	9-19
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA	9+	9-19
SSL_DHE_RSA_WITH_DES_CBC_SHA	9+	9-19
SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA	9+
SSL_DH_anon_EXPORT_WITH_RC4_40_MD5	9+
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA	9+
SSL_DH_anon_WITH_DES_CBC_SHA	9+
SSL_DH_anon_WITH_RC4_128_MD5	9+
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA	9+	9-19
SSL_RSA_EXPORT_WITH_RC4_40_MD5	9+	9-19
SSL_RSA_WITH_3DES_EDE_CBC_SHA	9+	9-19
SSL_RSA_WITH_DES_CBC_SHA	9+	9-19
SSL_RSA_WITH_NULL_MD5	9+
SSL_RSA_WITH_NULL_SHA	9+
SSL_RSA_WITH_RC4_128_MD5	9+	9-19
SSL_RSA_WITH_RC4_128_SHA	9+	9+
TLS_DHE_DSS_WITH_AES_128_CBC_SHA	9+	9+
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256	20+
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256	20+
TLS_DHE_DSS_WITH_AES_256_CBC_SHA	9+	11+
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256	20+
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384	20+
TLS_DHE_RSA_WITH_AES_128_CBC_SHA	9+	9+
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256	20+
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256	20+	20+
TLS_DHE_RSA_WITH_AES_256_CBC_SHA	9+	11+
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256	20+
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384	20+	20+
TLS_DH_anon_WITH_AES_128_CBC_SHA	9+
TLS_DH_anon_WITH_AES_128_CBC_SHA256	20+
TLS_DH_anon_WITH_AES_128_GCM_SHA256	20+
TLS_DH_anon_WITH_AES_256_CBC_SHA	9+
TLS_DH_anon_WITH_AES_256_CBC_SHA256	20+
TLS_DH_anon_WITH_AES_256_GCM_SHA384	20+
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA	11+	11-19
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA	11+	11+
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256	20+
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256	20+	20+
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA	11+	11+
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384	20+
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384	20+	20+
TLS_ECDHE_ECDSA_WITH_NULL_SHA	11+
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA	11+	11+
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA	21+	21+
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA	21+	21+
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA	11+	11-19
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA	11+	11+
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256	20+
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256	20+	20+
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA	11+	11+
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384	20+
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384	20+	20+
TLS_ECDHE_RSA_WITH_NULL_SHA	11+
TLS_ECDHE_RSA_WITH_RC4_128_SHA	11+	11+
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA	11+	11-19
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA	11+	11-19
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256	20+
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256	20+
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA	11+	11-19
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384	20+
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384	20+
TLS_ECDH_ECDSA_WITH_NULL_SHA	11+
TLS_ECDH_ECDSA_WITH_RC4_128_SHA	11+	11-19
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA	11+	11-19
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA	11+	11-19
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256	20+
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256	20+
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA	11+	11-19
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384	20+
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384	20+
TLS_ECDH_RSA_WITH_NULL_SHA	11+
TLS_ECDH_RSA_WITH_RC4_128_SHA	11+	11-19
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA	11+
TLS_ECDH_anon_WITH_AES_128_CBC_SHA	11+
TLS_ECDH_anon_WITH_AES_256_CBC_SHA	11+
TLS_ECDH_anon_WITH_NULL_SHA	11+
TLS_ECDH_anon_WITH_RC4_128_SHA	11+
TLS_EMPTY_RENEGOTIATION_INFO_SCSV	11+	11+
TLS_FALLBACK_SCSV	21+
TLS_PSK_WITH_3DES_EDE_CBC_SHA	21+
TLS_PSK_WITH_AES_128_CBC_SHA	21+	21+
TLS_PSK_WITH_AES_256_CBC_SHA	21+	21+
TLS_PSK_WITH_RC4_128_SHA	21+
TLS_RSA_WITH_AES_128_CBC_SHA	9+	9+
TLS_RSA_WITH_AES_128_CBC_SHA256	20+
TLS_RSA_WITH_AES_128_GCM_SHA256	20+	20+
TLS_RSA_WITH_AES_256_CBC_SHA	9+	11+
TLS_RSA_WITH_AES_256_CBC_SHA256	20+
TLS_RSA_WITH_AES_256_GCM_SHA384	20+	20+
TLS_RSA_WITH_NULL_SHA256	20+

NOTE: PSK cipher suites are enabled by default only if the SSLContext through which the socket was created has been initialized with a PSKKeyManager.

API Levels 1 to 8 use OpenSSL names for cipher suites. The table below lists these OpenSSL names and their corresponding standard names used in API Levels 9 and newer.
OpenSSL cipher suite Standard cipher suite Supported (API Levels) Enabled by default (API Levels)
AES128-SHA TLS_RSA_WITH_AES_128_CBC_SHA 1+ 1+
AES256-SHA TLS_RSA_WITH_AES_256_CBC_SHA 1+ 1-8, 11+
DES-CBC-MD5 SSL_CK_DES_64_CBC_WITH_MD5 1-8 1-8
DES-CBC-SHA SSL_RSA_WITH_DES_CBC_SHA 1+ 1-19
DES-CBC3-MD5 SSL_CK_DES_192_EDE3_CBC_WITH_MD5 1-8 1-8
DES-CBC3-SHA SSL_RSA_WITH_3DES_EDE_CBC_SHA 1+ 1-19
DHE-DSS-AES128-SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA 1+ 1+
DHE-DSS-AES256-SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA 1+ 1-8, 11+
DHE-RSA-AES128-SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA 1+ 1+
DHE-RSA-AES256-SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA 1+ 1-8, 11+
EDH-DSS-DES-CBC-SHA SSL_DHE_DSS_WITH_DES_CBC_SHA 1+ 1-19
EDH-DSS-DES-CBC3-SHA SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA 1+ 1-19
EDH-RSA-DES-CBC-SHA SSL_DHE_RSA_WITH_DES_CBC_SHA 1+ 1-19
EDH-RSA-DES-CBC3-SHA SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA 1+ 1-19
EXP-DES-CBC-SHA SSL_RSA_EXPORT_WITH_DES40_CBC_SHA 1+ 1-19
EXP-EDH-DSS-DES-CBC-SHA SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA 1+ 1-19
EXP-EDH-RSA-DES-CBC-SHA SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA 1+ 1-19
EXP-RC2-CBC-MD5 SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 1-8 1-8
EXP-RC4-MD5 SSL_RSA_EXPORT_WITH_RC4_40_MD5 1+ 1-19
RC2-CBC-MD5 SSL_CK_RC2_128_CBC_WITH_MD5 1-8 1-8
RC4-MD5 SSL_RSA_WITH_RC4_128_MD5 1+ 1-19
RC4-SHA SSL_RSA_WITH_RC4_128_SHA 1+ 1+

OpenSSL cipher suite	Standard cipher suite	Supported (API Levels)	Enabled by default (API Levels)
AES128-SHA	TLS_RSA_WITH_AES_128_CBC_SHA	1+	1+
AES256-SHA	TLS_RSA_WITH_AES_256_CBC_SHA	1+	1-8, 11+
DES-CBC-MD5	SSL_CK_DES_64_CBC_WITH_MD5	1-8	1-8
DES-CBC-SHA	SSL_RSA_WITH_DES_CBC_SHA	1+	1-19
DES-CBC3-MD5	SSL_CK_DES_192_EDE3_CBC_WITH_MD5	1-8	1-8
DES-CBC3-SHA	SSL_RSA_WITH_3DES_EDE_CBC_SHA	1+	1-19
DHE-DSS-AES128-SHA	TLS_DHE_DSS_WITH_AES_128_CBC_SHA	1+	1+
DHE-DSS-AES256-SHA	TLS_DHE_DSS_WITH_AES_256_CBC_SHA	1+	1-8, 11+
DHE-RSA-AES128-SHA	TLS_DHE_RSA_WITH_AES_128_CBC_SHA	1+	1+
DHE-RSA-AES256-SHA	TLS_DHE_RSA_WITH_AES_256_CBC_SHA	1+	1-8, 11+
EDH-DSS-DES-CBC-SHA	SSL_DHE_DSS_WITH_DES_CBC_SHA	1+	1-19
EDH-DSS-DES-CBC3-SHA	SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA	1+	1-19
EDH-RSA-DES-CBC-SHA	SSL_DHE_RSA_WITH_DES_CBC_SHA	1+	1-19
EDH-RSA-DES-CBC3-SHA	SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA	1+	1-19
EXP-DES-CBC-SHA	SSL_RSA_EXPORT_WITH_DES40_CBC_SHA	1+	1-19
EXP-EDH-DSS-DES-CBC-SHA	SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA	1+	1-19
EXP-EDH-RSA-DES-CBC-SHA	SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA	1+	1-19
EXP-RC2-CBC-MD5	SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5	1-8	1-8
EXP-RC4-MD5	SSL_RSA_EXPORT_WITH_RC4_40_MD5	1+	1-19
RC2-CBC-MD5	SSL_CK_RC2_128_CBC_WITH_MD5	1-8	1-8
RC4-MD5	SSL_RSA_WITH_RC4_128_MD5	1+	1-19
RC4-SHA	SSL_RSA_WITH_RC4_128_SHA	1+	1+

[Android Documentation]

Requirements

Namespace: Javax.Net.Ssl
Assembly: Mono.Android (in Mono.Android.dll)
Assembly Versions: 0.0.0.0
Since: Added in API level 1