Support Article
SSL connection fails due to using the wrong version of TLS
SA-61198
Summary
REST connector fails with SSLPeerUnverifiedException.
Error Messages
PegaRULES log: Caught unhandled exception: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
JVM debug logs shows: WRITE: TLSv1 Handshake
Steps to Reproduce
Invoke a REST connector.
Root Cause
A defect or configuration issue in the operating environment.
The endpoint requires TLS 1.2; however, Pega and the application server are configured to send a TLS 1 connection.
Resolution
Perform the following local-change:
- In the Connect-REST rule, set the 'Lowest Allowable SSL/TLS version' to TLS 1.2.
- Check with the application server administrator to ensure the application server has TLS 1.2 enabled.
Published July 23, 2018 - Updated October 8, 2020
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.