Support Article

Connect-REST fails to connect



Connect-REST fails to connect to a service which excepts Server Name Indication (SNI) during handshake.

Error Messages

Exception caught during REST Connector connectivity test : Connection to service failed Connection to service failed
Caused by: peer not authenticated
at com.pega.apache.http.conn.ssl.AbstractVerifier.verify(

Steps to Reproduce

1) Create Connect-REST or use existing one.
2) Click on "TestConnectivity".
3) Try running the actual activity which invokes the REST connector.
4) Verify the SSL debug log. The extension server_name will be missing in client hello:
ClientHello, TLSv1.2
Extension server_name, server_name: [type=host_name (0), value=<>] ( This line is missing)

Root Cause

Server Name Indication (SNI) feature is not supported until Pega 7.2.2.

This is a is a known issue when a service provider is supporting multiple host names on a given IP address and port number. In Pega 7.2.2 the Apache libraries has been upgraded and is not feasible to port in older release.


Perform the following local-change:

The solution is to work with the service provider to:

Change the default certificate for non-SNI clients


Provide an alternate port to access the alternate host & certificate


Upgrade to Pega 7.2.2

Published April 20, 2017 - Updated May 9, 2017

100% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.