We have Edge setup with MPs/Routers in two regions/data centers. We are seeing a strange behaviour where in we are getting 503 errors for our APIs continuously when the calls are made from one of the regions.
{ "error": { "statusCode":503, "code":"E01", "message":"The Service is temporarily unavailable", "developerMessage":"ServiceUnavailable", "_debug": {"fault":"{\"fault\":{\"faultstring\":\"The Service is temporarily unavailable\",\"detail\":{\"errorcode\":\"messaging.adaptors.http.flow.ServiceUnavailable\"}}}"} } }
While we get successful responses every time from the other region.
Can you please check what could be the issue ?
Solved! Go to Solution.
error The Service is temporarily unavailable error.cause Received fatal alert: close_notify
2017-07-07 14:28:16,142 org:test-org env:test api:myapi rev:6 messageid:<message_id> NIOThread@1 ERROR HTTP.CLIENT - HTTPClient$Context.handshakeFailed() : SSLClientChannel[C:<BackendServer-IPaddress>:443 Remote host:<MP-IP>:42038]@107327 useCount=1 bytesRead=0 bytesWritten=0 age=279ms lastIO=279ms lastIO=279ms isOpen=true handshake failed, message: Received fatal alert: close_notify
tcpdump -i any -s 0 host <BackendServer IP address> -w <File name>
Solution:
Resolved the problem by setting the property "jdk.tls.client.protocols=TLSv1" on all the MPs in the failing region.
Key Things to Note:
<HTTPTargetConnection> <URL>https://foo.com</URL> <SSLInfo> <Enabled>true</Enabled> <Protocols> <Protocol>TLSv1.0</Protocol> </Protocols> </SSLInfo> </HTTPTargetConnection>
error The Service is temporarily unavailable error.cause Received fatal alert: close_notify
2017-07-07 14:28:16,142 org:test-org env:test api:myapi rev:6 messageid:<message_id> NIOThread@1 ERROR HTTP.CLIENT - HTTPClient$Context.handshakeFailed() : SSLClientChannel[C:<BackendServer-IPaddress>:443 Remote host:<MP-IP>:42038]@107327 useCount=1 bytesRead=0 bytesWritten=0 age=279ms lastIO=279ms lastIO=279ms isOpen=true handshake failed, message: Received fatal alert: close_notify
tcpdump -i any -s 0 host <BackendServer IP address> -w <File name>
Solution:
Resolved the problem by setting the property "jdk.tls.client.protocols=TLSv1" on all the MPs in the failing region.
Key Things to Note:
<HTTPTargetConnection> <URL>https://foo.com</URL> <SSLInfo> <Enabled>true</Enabled> <Protocols> <Protocol>TLSv1.0</Protocol> </Protocols> </SSLInfo> </HTTPTargetConnection>
This helped me. Thanks for posting. What did you use for collecting tcp dump.
Glad to know that this post helped you. I used the tcpdump command (network sniffer tool) to capture the network packets.
User | Count |
---|---|
5 | |
2 | |
2 | |
1 | |
1 |