img-20160519-081104.jpgimg-20160519-081506-1.jpgimg-20160519-081717.jpg
I am running my automation scripts to test end point with https, I am getting the following error:
Error:14082174:SSl routines;ssl3_check_cert-and-algorithm:dh key too small:openssl\ssl\s3_clnt.c3615
I am attaching the mock.js and FunctionalTest.feature screen shots.
Could you please suggest me where is the problemm.
This request is working in Postman and SOAP UI. The same headers I am sending in the script.
I would appreciate for your early response.
Solved! Go to Solution.
Are you testing directly the TIBCO end-points (without Apigee Edge in between) or testing proxy deployed at Apigee Edge which in-turn connects to TIBCO end-points? I guess, first is the scenario.
My guess is TIBCO server is using less secure DH (Diffie-Hellman) keys during the TLS handshake. Recent version of OpenSSL enforces a non-weak DH key. Most probable fix is to upgrade/fix their software at server side or at client side, use compatible (/older) SSL lib (libssl n.x.y).
Regards, Rajesh Doda
Attached results errors img-20160519-091534.jpg
Are you testing directly the TIBCO end-points (without Apigee Edge in between) or testing proxy deployed at Apigee Edge which in-turn connects to TIBCO end-points? I guess, first is the scenario.
My guess is TIBCO server is using less secure DH (Diffie-Hellman) keys during the TLS handshake. Recent version of OpenSSL enforces a non-weak DH key. Most probable fix is to upgrade/fix their software at server side or at client side, use compatible (/older) SSL lib (libssl n.x.y).
Regards, Rajesh Doda
The last part of the sentence, "(/older)", is what I don't understand.
Why not pairing both SSL endpoints but at the newest version?
Has TIBCO server something to do with preferring pairing toward the older version of SSL?
How to add SSL certificates in cucumber Automation?