iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: handshake failure

Xu_Jay · August 24, 2018, 4:25am

Hi Holger,

My product suite is WM8.2, the service used is wm.EDIINT:send.

I do not find the input parameter you metioned. checked related Services in documents:

find one paramter named encryptionAlg in services wm.tn.mime:createSignedAndEncryptedData
encryptionAlg value list is:
RC2
DES
TripleDES

only find one parameter named digestAlgorithm in service(wm.EDIINT.util.mime:getMimeInputStream), digestAlgorithm has two values(SHA-1 and MD5).

Xu_Jay · August 24, 2018, 4:49am

Xu_Jay · August 24, 2018, 4:56am

Kindly please ignore the last two replys

Hi Holger,

My product suite is WM8.2, the service used is wm.EDIINT:send.

I do not find the input parameters you metioned. checked related Services:

find one paramter named encryptionAlg in service wm.tn.mime:createSignedAndEncryptedData
encryptionAlg value list is:
RC2
DES
TripleDES
find one parameter named digestAlgorithm in service wm.EDIINT.util.mime:getMimeInputStream
digestAlgorithm value list is:
MD5
SHA-1

Also, I have checked another services in Built-In-Services Reference, some related parameters can only be set to SHA1 or MD5.
Does it mean WM8.2 can not support SHA-256?

Best wishes,
Xu Jay

system · August 25, 2018, 7:49am

wrong Thread, I Posted

system · August 25, 2018, 7:53am

During IS start , you will found below message in Integration Server Server.log.

[ISS.0025.0049I] The JCE Unlimited Strength Jurisdiction Policy File was found

If you set “0006 Server SSL Interface to Trace” (IS Admin > Settings > Logging> Server), the enabled cipher list for a JSSE port will be printed out to the server.log when the port is enabled (including during IS startup).

[ISP.0046.0012I] Enabling HTTPS Listener on port 5550
[ISC.0006.9999D] Printing details of JSSE listener (5550) …
Supported Protocols : SSLv2Hello SSLv3 TLSv1 TLSv1.1 TLSv1.2
Enabled Protocols : SSLv2Hello SSLv3 TLSv1 TLSv1.1 TLSv1.2

[ISC.0006.9999T] Printing enabled ciphersuites of JSSE listener (5550) …
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_SHA,TLS_ECDH_ECDSA_WITH_RC4_128_SHA,TLS_ECDH_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,TLS_EMPTY_RENEGOTIATION_INFO_SCSV,

[ISS.0070.0023D] HTTPSListener@5550 is starting

Gireesh_Mullapally1 · August 21, 2019, 9:31am

is this issue resolved …?