SSL Engine and ASYNC_EXCEPTION: server certificate...

Report Inappropriate Content · 05-03-2016 09:33 PM

We are facing the below issues while sending a request to a target system and these are so intermittent.

Can someone help us on this why its happening like this in an intermittent way.

Properties

error The Service is temporarily unavailable The Service is temporarily unavailable

error.cause ASYNC_EXCEPTION: General SSLEngine problem ASYNC_EXCEPTION: General SSLEngine problem

error.class com.apigee.messaging.adaptors.http.HttpAdaptorException com.apigee.messaging.adaptors.http.HttpAdaptorException

Properties
error	The Service is temporarily unavailable	The Service is temporarily unavailable
error.cause	ASYNC_EXCEPTION: server certificate change is restrictedduring renegotiation	ASYNC_EXCEPTION: server certificate change is restrictedduring renegotiation
error.class	com.apigee.messaging.adaptors.http.HttpAdaptorException	com.apigee.messaging.adaptors.http.HttpAdaptorException

Thanks, Ramesh

adevegowda

Dear @rameshganta,

This issue can be seen if SSLv3 protocol is being used. Can you please check what protocol are you using between MP and target server ?

If you have left the protocols attribute empty in the SSLInfo section of target endpoint/server definition, then it would use default protocol. So it might be worth specifying TLS protocol as explained here

If this doesn't help. we will need the following information:

1. If it is seen on Private Cloud setup, can you please provide the following information:

a) Message Processor logs showing the error

b) Version of Private Cloud and Version of JDK (Java Development Kit) used for the MPs

c) Tcpdump taken during the time of problem occurrence

2. If it is Public cloud setup, then provide the org, env and API Proxy names and curl command to reproduce the problem ?

Regards,

Amar

SSL Engine and ASYNC_EXCEPTION: server certificate change is restrictedduring renegotiation