SSL Handshake fails while using TLSv1.3 ciphers
Article ID: KB0072054
Updated On:
| Products | Versions |
|---|---|
| TIBCO BusinessEvents Enterprise Edition | 5.6.0 and Higher |
Description
While performing SSL Handshake with TLSv1.3 it fails with below error:
-------------
ERROR ingrian.internal.session.SocketConnector - handshakeCompleted: SSL handshake did not complete within alloted time {}
javax.net.ssl.SSLHandshakeException: extension (5) should not be presented in certificate_request
-------------
-------------
ERROR ingrian.internal.session.SocketConnector - handshakeCompleted: SSL handshake did not complete within alloted time {}
javax.net.ssl.SSLHandshakeException: extension (5) should not be presented in certificate_request
-------------
Issue/Introduction
While performing SSL Handshake with TLSv1.3 it fails with error.
Resolution
TLSv1.3 is supported from java 11.0.8 and further.
refer: https://www.petefreitag.com/item/918.cfm
BE 6.x supports TLSv1.1/TLSv1.2/TLSv1.3 (Defaults to TLS(TLSv1.1) if not specified.)
Note- TIBCO BE 5.6.0 is shipped with Java 1.8.0 and BE 5.6.1 and later are Shipped with Java "11.0.13".
Workaround:
Restrict the TLS version to TLSv1.2 by adding the below property in .tra file
- jdk.tls.client.protocols=TLSv1.2
Feedback
Yes
No
Powered by
