Native Android TLS (iohAndroidTLS) is the Android-native TLS transport for sgcWebSockets. It drives the platform's own javax.net.ssl.SSLEngine through JNI, so your APK ships no OpenSSL .so files. Enable it by setting TLSOptions.IOHandler to iohAndroidTLS.
Android-native TLS using the platform's SSLEngine through JNI. No OpenSSL .so in your APK.
Native Android TLS hands the encryption to Android itself. sgcWebSockets calls the platform's javax.net.ssl.SSLEngine through JNI, so the operating system performs the handshake, the record encryption and the certificate work. The immediate benefit is that your APK carries no OpenSSL .so files. The package is smaller, and you never patch or version-match a third-party crypto library, because the TLS stack is maintained and updated by the OS.
The backend validates the server against the Android system trust store and performs hostname verification, so connections to well-known certificate authorities work without extra configuration. It negotiates TLS 1.3, and it supports ALPN on Android 10 (API 29) and later, which lets you advertise application protocols such as http/1.1 during the handshake.
Choose this backend for Android apps that must avoid shipping or patching OpenSSL, or that prefer to defer entirely to the platform's TLS policy. Like every sgcWebSockets backend it sits behind the same TLSOptions API, so the rest of your networking code is identical to the OpenSSL, SChannel and Apple paths, and only the IOHandler line changes per platform.
Code
Enable Native Android TLS
Set TLSOptions.IOHandler to iohAndroidTLS in your Android build. No OpenSSL .so is needed.
The TLS stack already lives on the device, so your package stays lean and the OS owns the updates.
No .so to Bundle
The APK ships without libssl or libcrypto, so the package is smaller and there is no native crypto to maintain.
System Trust Store
Validation runs against the Android system trust store with hostname verification, no extra setup for public CAs.
TLS 1.3
The platform negotiates TLS 1.3, and ALPN is available on Android 10 (API 29) and later for protocol selection.
OS-Maintained
Android owns the TLS implementation, so security fixes arrive through system updates rather than your release cycle.
Edition note
Native Android TLS (iohAndroidTLS) requires the Enterprise edition of sgcWebSockets and Rad Studio XE8 or later (the Android platform TLS bindings are not available in earlier versions). See the feature matrix for the full breakdown.
Native Android TLS, Zero OpenSSL
Download the free trial and ship Android apps with no OpenSSL .so to deploy.