Esri is committed to building and providing strong security for ArcGIS and helping our customers by using the latest security protocols. We strive to implement the highest industry standards, including TLS for data integrity and network security.
To meet these standards, Esri is making software updates across ArcGIS to support TLS 1.2. As part of improving ArcGIS Online security, Esri is requiring TLS 1.2 connections for ArcGIS Online services. Action is required to ensure continued access to these services.
Note: See the Product Life Cycle pages on the Esri Support site for the support status of each released version of the ArcGIS Runtime SDK for Android.
ArcGIS Runtime SDK for Android versions 10.2.9 and 100.x support TLS 1.2 on devices running Android versions 5.0 and above (API 21 and above).
However, on devices running Android 4.4 (API 19) and earlier with both 100.x and 10.2.9 SDKs, network requests fail with the following error:
javax.net.ssl.SSLException: SSL handshake aborted
To support TLS 1.2 on devices running Android 4.4 (API 19), users must add code to their application that updates the device's security provider as described in the following Android developer document 'Update your security provider to protect against SSL exploits ' .
Note: The proposed solution only works on devices with Google Play Services installed, otherwise an attempt to update the security provider result in a 'GooglePlayServicesNotAvailableException'. If your application is likely to target devices that don't have Google Play Services installed, it might be advisable to target your application only for devices running Android 5.0 and above (API 21 and above).
|Android API Level||10.2.9||100.x|
|19 and lower||(X)*||(X)*|
|21 and higher||X||X|
*Requires application level code to update device's security provider as described above.
Note: See the Esri Support TLS Page for information on how to use TLS 1.2 with other Esri products.