AnsweredAssumed Answered

Error msg: Unable to obtain HTTP response... Received fatal alert: handshake_failure

Question asked by gary.vermeulen on Nov 23, 2015
Latest reply on Jan 20, 2016 by okaoz01

Hi all,

 

I'm experiencing an issue with version 8.2 of the ssg

 

I have two sandbox environments where this works perfectly

 

My production ssg won't connect to some external servers; I've tested aws lambda and google (both work in my sandboxes)

 

2015-11-23T17:28:04.502+0000 WARNING 9034 com.l7tech.server.policy.assertion.ServerHttpRoutingAssertion: 4042: Problem routing to https://ttgy6tebd5.execute-api.eu-west-1.amazonaws.com:443/alpha/l5zqbs. Error msg: Unable to obtain HTTP response from https://ttgy6tebd5.execute-api.eu-west-1.amazonaws.com:443/alpha/l5zqbs: Received fatal alert: handshake_failure

 

I've added all of the relevant certificates to my trust store and configured the listen port (ssl/tls settings) to no avail.

 

We are able to send the same requests via curl from the prod servers command line successfully so the boxes have connectivity and access to the right cipher suites

 

I've set up a basic route via https using my sandbox as a server and production as the client...

 

It seems that the server(sandbox) has to support tls 1.0 in order for this connection to work which indicates that the gateway uses tls 1.0 to negotiate ssl handshake; this can't be a default setting as it works in my other boxes... is there any way to change it??

 

Is there anyone out there in the community that has experienced anything similar?

 

Any help would be greatly appreciated and I will update this thread with the answer if we manage to resolve it so that no one else has to go through this pain...

 

Kind regards,

 

Gary

Outcomes