Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

Node running on Java 7 is unable to connect to external URL



A Pega 7.1.5 monitored node running on Java 7 is unable to connect to Pega Diagnostic Cloud (PDC) external URL.

Error Messages

(.httpclient.HttpMethodDirector)DEBUG - Connection has been shutdown: Remote host closed connection during handshake
apache.axis2.AxisFault: Connection has been shutdown: Remote host closed connection during handshake
at priv.util.SOAPAppenderPega.sendEvent(
at priv.util.SOAPAppenderPega._append(
at priv.util.SOAPAppenderPega.append(
at priv.util.SOAPAppenderPega.doAppend(
at log4j.helpers.AppenderAttachableImpl.appendLoopOnAppenders(
at log4j.AsyncAppender$
Caused by:Connection has been shutdown: Remote host closed connection during handshake
at BaseStreamWriter._finishDocument(
at BaseStreamWriter.close(
at MTOMXMLStreamWriter.close(
at axis2.transport.http.SOAPMessageFormatter.writeTo( has been Remote host closed connection during handshake
at flushBuffer(
at flush(
at ChunkedOutputStream.flush(
at UTF8Writer.flush(
at BufferingXmlWriter.flush(
at wstx.sw.BufferingXmlWriter.close(
at wstx.sw.BaseStreamWriter._finishDocument(
HandshakeException: Remote host closed connection during handshake
at ssl.SSLSocketImpl.performInitialHandshake(
Caused by: SSL peer shut down incorrectly
... 37 more

Steps to Reproduce

  1. Configure Pega Diagnostic Cloud in an on-premise monitored node using the tenant URL provided
  2. Inspect the Pega Diagnostic Cloud System Connectivity for the connected systems. The newly defined node does not display
  3. Enable the SSL debug ( on the monitored node
  4. Enable the TLS v1.2 support (-Dhttps.protocols=TLSv1.2). SSLHandshakeException occurs in the logs

Root Cause

A defect or configuration issue in the operating environment. SSLHandshakeExceptions are caused by the lack of support of TLS v1.2 on Java 7. Pega Diagnostic Cloud allows connections using TLS 1.2 protocol because of the security reasons. TLS 1.2 is supported on Java 7 but is not enabled out-of-the-box.

The user enables it using the below arguments but is insufficient:

-Dhttps.protocols=TLSv1.2 -Dhttps.cipherSuites=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

TLSv1.2 SSLContext must be explicitly created and assigned as the default context.


Upgrade to a Pega version which supports Java 8 

Perform the following local-change:
  1. Add the below Java System Properties in the JAVA_OPTIONS Environment Variable:

  2. Create a custom activity with single Java step with the below content:
    try { 
       oLog.infoForced("Creating a \"TLSv1.2\" SSLContext programmatically..."); context ="TLSv1.2"); 
       oLog.infoForced("\"TLSv1.2\" SSLContext successfully created."); 
    } catch (Exception e) { 
       oLog.fatal("Failed to create \"TLSv1.2\" SSLContext", e); 

  3. Uncheck the Require authentication to run checkbox on the Activity's Security tab
  4. Create a custom agent to execute an activity with the Startup pattern, Advanced Execution Mode and five seconds interval in the Agent-Wide settings 
  5. Restart the application server
  6. Verify the behaviour 




Published October 18, 2019 - Updated October 8, 2020

Was this useful?

0% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us