2021년 1월 7일 목요일

 SSL handshake fails due to TLSv1 used on IBM JDK


SSL handshake fails due to TLSv1 used on IBM JDK

SSL handshake failure caused by wrong TLS version used by Mule. This article explains how to force Mule runtime running on IBM JDK to use TLSv1.1/1.2.


SYMPTOM

Mule server is running on IBM JDK. When making an outbound call to Salesforce which only supports TLSv1.2, the following error is received:

javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 
at com.ibm.jsse2.k.a(k.java:15) ~[?:8.0 build_20180305] 
at com.ibm.jsse2.k.a(k.java:23) ~[?:8.0 build_20180305] 
at com.ibm.jsse2.av.b(av.java:343) ~[?:8.0 build_20180305] 


CAUSE

TLSv1 is used by IBM JDK to make the external HTTP call. 

SOLUTION

Please specify the supported TLS version using the following system parameters:
jdk.tls.client.protocols=TLSv1.1,TLSv1.2
https.protocols=TLSv1.1,TLSv1.2

댓글 없음:

댓글 쓰기