What is the TLS version supported on JavaScript ca...

Report Inappropriate Content · 09-22-2017 03:14 AM

Hi Team,

Can someone please answer to the question from our customer?
On JavaScript policy of Apigee Edge, we can use httpClient object.
What is the supported HTTPS TLS protocol version - is it TLS 1.0 only but not configurable to TLS 1.2?
The customer says in case of allowing only TLS 1.2, API requests fail in with the message:

error: 
Execution of GetToken failed with error: Exception thrown from JavaScript: Received fatal alert: handshake_failure (getToken_js # 27)

They tested with the code for httpClient on the Docs:
http://docs.apigee.com/api-services/reference/javascript-object-model#makingjavascriptcalloutswithht...

Regards,
Toshi

cmbrown

@Toshihiro Shibamoto is this running in cloud or on prem ? and I assume its a paid org yes ?

Report Inappropriate Content

@Christin Brown The customer uses Private Cloud Edge 4.16.01 now and will migrate to 17.0x soon.
Could you please check which version of TLS is supported on these releases?

Report Inappropriate Content

@Christin Brown According to Docs Edge uses Rhino JavaScript engine 1.7.7.1 on Private Cloud. Does this version use TLS 1.0 by default?

And as explained on the post:

Set "-Dhttps.protocols=TLSv1.2" (for TLS v1.2) in the system.properties file. This will set up the protocol as TLSv1.2 for the MessageProcessor process itself and all target endpoints will stick to protocol TLSv1.2.

Is this also applicable to JS httpClient Object?

What is the TLS version supported on JavaScript callouts with httpClient?