Support Article
Rule Connect SOAP invocations do not work with TLSv1.2
SA-54374
Summary
Rule Connect SOAP invocations do not work with Transport Layer Security (TLS) v1.2.
Error Messages
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
Steps to Reproduce
Invoke the flow by invoking the Rule-Connect-SOAP rules.
Root Cause
A defect or configuration issue in the operating environment. Legacy setup of SOAP Connectors was used and the trustStore setup via the Keystore rule was not present. The underlying JDK 1.7 defaults to a TLSv1 SSLContext and SSLContextFactory during the runtime.
Resolution
Perform the following local-change:
- Add the below Java source to Step7 of the InvokeAxis2 activity rule
try {
javax.net.ssl.TrustManagerFactory trustManagerFactory = javax.net.ssl.TrustManagerFactory.getInstance(javax.net.ssl.TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init((java.security.KeyStore)null);
javax.net.ssl.TrustManager[] tm = trustManagerFactory.getTrustManagers();
javax.net.ssl.SSLContext ctx= javax.net.ssl.SSLContext.getInstance("TLSv1.2");
ctx.init(null, tm, null);
javaFactory = ctx.getSocketFactory();
} catch (Exception e)
{
throw new ConnectorException("SSL configuration: unable to instantiate JSSE socket factory with current inputs", e);
}
- Save the Java source to the application ruleset
Published May 10, 2019 - Updated October 8, 2020
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.