Hello PI experts:
We have a requirement to connect external HTTPS url with a secure protocol TLS 1.0 or higher. When we try to test SSL connectivity using XPI_Inspector by using option 11 which is Authentication,SSL, we were told by Network/Basis team by default it is choosing SSL v3 version and it is failing due to that external url expecting TLS 1.0 or higher. we would like to know is there a way to force XPI_Inspector to choose TLS 1.0 or higher instead of SSL v3.
Here is the error that we received in XPI trace:
Begin IAIK Debug:
ssl_debug(9): Starting handshake (iSaSiLk 4.5)...
ssl_debug(9): Sending v3 client_hello message to dev.xxxxxx.local:443, requesting version 3.1...
ssl_debug(9): IOException while handshaking: Connection reset
ssl_debug(9): Sending alert: Alert Fatal: handshake failure
ssl_debug(9): Exception sending message: java.net.SocketException: Broken pipe
ssl_debug(9): Shutting down SSL layer...
ssl_debug(9): Closing transport...
End IAIK Debug.
We were told V3 Client_hello means XPI initiating the message with SSL v3 but we would like to tell inspector to initiate with TLS 1.0 or higher.
Any inputs on this will be appreciated.
Thanks,
Ganesh B