Android App SSLSocket connection


#1

Hello,

I just signed up with cloud flare, Im not allowed to create a new post yet, but i have a question i need answered…

I have a wordpress website, and also have an Android App that creates a permanent SSL socket to another program running on the same machine as the wordpress server.

Since i started using cloud flare, the https website works, but my android app can no longer connect using SSL socket (not http or https but a permanent SSL socket connection) to the program running on the same machine

The android program is using port 8888. Which port can I use that i can pass through cloud flare to connect the socket to the program running on my server?

Does anyone know how i can fix that?

Thanks


SSL www to non-www not working
#2

#3

Thanks for your response.

I’m using godaddy can you give detailed instructions on how to do what you just said? I’m not really an expert,

thanks


#4

I suggest you contact the app developer to help you work around port restrictions. Maybe that app has some settings that let you choose a port from the list in the Support article I linked to above.

The only other option would be to create a subdomain and set it to :grey: in DNS here so you’re bypassing Cloudflare’s proxy.


#5

Hello thanks for info, I’m the developer

Can you give step by step on how to create a su domain, I use go daddy, and step by step on how do I set it to gray?

After I do that I will be able to just connect the app to the server like I did before from the app or do I need to do some additional?

Normally from android java app I just do this below to create a raw socket (its not http or https but raw SSL data socket permanently opened)

socket= new SSLsocket(“example.com”);

I already have my own SSL certificate on the server before I use cloud flare, Then I can read and write to socket, but now it doesn’t work when I run site through cloud flare.

If I create a sub domain will SSL still work if I do this below, because my SSL I bought doesn’t cover sub domains, can I use existing or create SSL certificate for subdomain using cloud flare?

Socket = new SSLSocket(“subdomain.example.com”);

Thanks


#6
  1. At GoDaddy, add a Subdomain (I don’t use GoDaddy, so you’ll have to search their documentation on how to add subdomains)
  2. Use your DNS tab here at Cloudflare to add an A record entry for that subdomain and input the IP address you use at GoDaddy. Make sure the A record here is set to :grey: so it bypasses caching, etc. Don’t use :orange:.

I’m surprised to hear your SSL certificate doesn’t allow subdomains. It should, at a minimum, allow ‘www’. And, typically, it supports wildcard subdomain so you can use any sub.example.com setup.


#7

Broke developers like myself cant afford the fancy certificates that can do all that, mine can only do single domain and no subdomain, no wildcard.

Cloudflare control panel said my server IP address will be exposed if I make the icon gray, I don’t want that, maybe I can use VPN instead? Does cloud flare do VPN too? Can cloud flare simply act as a proxy, or just hide my subdomain IP address which is what i want to do since im getting hacked all the time.


#8

Let’s Encrypt certificates can handle several subdomains, and is free. They just this week introduced wildcard certificates, but I don’t know if GoDaddy has implemented it yet.

Yes, your IP address will be exposed when set to :grey:. As you’ve discovered, :orange: won’t work for you because of the non-standard port, and that’s the only way to hide your origin IP address…unless you can use one of the ports listed above.

If you can use one of the above ports, you won’t need a subdomain (as far as I know) since you’ll just be proxying a different HTTP(S) port.


#9

Hi,

Can you confirm you are using this? https://developer.android.com/reference/javax/net/ssl/SSLSocket.html - It sounds like you are…

I tried to go to your domain to troubleshoot but I received a TLS handshake failure and then a 522:

As you can see there are a variety of reasons for this error. What is the specific error coming from your android app, and have you tried changing that port?

Is your Cloudflare SSL setting set to Full or Full(Strict) to support this?


#10

I turned off my webserver, that’s the reason you are having errors. I turned off the server till I can figure it all out


#11

This topic was automatically closed after 14 days. New replies are no longer allowed.