cancel
Showing results for 
Search instead for 
Did you mean: 

SSL Exception: Peer Sent Alert : Alert Fatal: handshake failure

former_member366655
Active Participant
0 Kudos

Hi Experts,

I have been facing a weird issue in one of the Interfaces. We are trying to connect to some third party , but got attached Error in PI Monitoring. But , when we checked it through XPI Inspector , the handshake seems to be completed(attached screenshot). I am not sure how it is happening.

Also , in the past this interface is working fine , but recently we configured a Patch Configuration as per Note 2284059 - Update of SSL library within NW Java server. Since then , this Interface is not working , failing with the same handshake Error.


We also made changes in Config File (changed the client.minProtocolVersion to TLS1.1 and the client.maxProtocolVersion to TLS1.2) and retested the scenario , but still no luck.


Please advise here , immediate help will be highly appreciated.


Thanks and Regards,

Vivek Jain

error1.jpg

xpi-inspector-screenshot.jpg


Accepted Solutions (1)

Accepted Solutions (1)

TomXing
Contributor

Hi Vivek,

When XPI Inspector Channel SSL Handshake works, but in runtime SSL handshake fails, most likely you are using one of below adapters:

AS2, Axis, REST, or some others I have not yet put in my note book.

In this case you should check below note, according to the adapter you are using:

2292139 - TLSv1.2 support in Axis adapter

2295870 - TLSv1.2 support in REST adapter

2533644 - AS2 Adapter does not support SSL protocol version higher than TLS 1.0

Since you are using SOAP Axis adapter, check note ##2292139.

Best regards,

Tom

former_member366655
Active Participant
0 Kudos

Thanks Tom. I will check this and will update you accordingly.

Regards,

Vivek Jain

former_member366655
Active Participant
0 Kudos

Hi Tom,

I maintained parameter maxSSLVersion in my Channel , and it worked.

Regards,

Vivek Jain

Answers (2)

Answers (2)

mate_moricz
Advisor
Advisor

Hi Vivek,

there can be multiple causes for this particular error. Try to reproduce the error and collect Example 50 - XI Channel trace and locate the error there (the test in the Example 11 uses the IAIK library and the endpoint that you set, but not all adapter use the IAIK library).

What adapter is used in your scenario?


Best regards,
Mate

former_member366655
Active Participant
0 Kudos

Hi Mate,

Thanks for your response.

We reproduced the issue and collected Example 50 too , can you please help where to check for the error here , I am not able to locate any error.

We have used SOAP Adapter here(screenshot attached).

Regards,

Vivek Jain

marksmyth
Product and Topic Expert
Product and Topic Expert
0 Kudos

Hello Vivek,

Check the blog entries below for details on using the XPI tool to troubleshoot this type of error.

Using XPI Inspector to troubleshoot HTTP SSL connections (Part 1 – Server Authentication)

Using XPI Inspector to troubleshoot HTTP SSL connections (Part 2 – Client Authentication)

Regards
Mark