[TIP] SOAPUI / Policy Manager connections issue after upgrading TLS version support

Document created by Nicolas Afonso Employee on Oct 19, 2015Last modified by Nicolas Afonso Employee on Oct 19, 2015
Version 2Show Document
  • View in full screen mode

Hi folks !

 

In a previous post, I told you my problematic connections from Policy Manager 8.3 / SOAPUI to Gateway after upgrading TLS support version.

Here are the solution :

 

- SoapUI side. You must enable the TLS 1.2 support. Go to the installation directory of your SoapUI, and add the following line to "SoapUI-5.2.Xvm.options" conf file :  -Dsoapui.https.protocols = TLSv1.2

- Policy Manager side. I noticed that launching .exe version had this connection issue, Manager.jar version. Why? Because the .exe is based on the jre version that is bundled in the installation directory, which is in 1.7 java version. But this version does not enable by default TLS 1.1and 1.2 support   -> http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#tlsprotonote

The jar version is using your system jre, which in my case was 1.8 version. TLS 1.1 and 1.2 are activated in this jre.

 

Solution :

  • You can change the jre used by the Policy Manager executable by changing the file "Layer 7 Policy Manager.ini" and replacing the jre path = <path> path to your 1.8 system jre
  • Or add "-Dhttps.protocols = TLSv1.1,TLSv1.2 -Ddeployment.security.TLSv1.1= true -Ddeployment.security.TLSv1.2= true" arguments to javaw.exe (still in this same .ini file). 1.7 jre of the bundle will then authorize the connection using TLS 1.1 / 1.2 versions

 

Problem solved

3 people found this helpful

Attachments

    Outcomes