SOAP UI - ERROR:Exception in request: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
The error javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure in SOAP UI indicates that there was a problem during the SSL handshake process when trying to establish a secure connection with the server. This issue typically occurs due to one of the following reasons:
Incompatible SSL/TLS Version: The client and server may be using incompatible SSL/TLS versions or cipher suites. Ensure that the client (SOAP UI) and the server support compatible versions and cipher suites.
Server Certificate Issues:
- Expired Certificate: The server certificate may have expired. Verify that the server certificate is not expired and is valid.
- Self-Signed Certificate: If the server is using a self-signed certificate, you may need to import the server's certificate into the SOAP UI truststore.
Hostname Mismatch: The hostname in the server certificate does not match the hostname of the server you are trying to connect to. Ensure that the hostname in the server certificate matches the hostname in the URL you are using.
SSL Inspection: If there is a proxy or firewall performing SSL inspection, it may be intercepting and modifying SSL traffic, causing the handshake to fail. Try disabling SSL inspection or adding an exception for the server.
Solutions
Here are some steps you can take to resolve the SSLHandshakeException:
Check SSL/TLS Configuration:
- Verify that the client and server support compatible SSL/TLS versions and cipher suites.
- Check the SSL/TLS configuration on the server to ensure it is correctly configured.
Inspect Server Certificate:
- Check the server certificate to ensure it is valid and not expired.
- If the server is using a self-signed certificate, import the server's certificate into SOAP UI's truststore.
Hostname Verification:
- Ensure that the hostname in the server certificate matches the hostname of the server you are connecting to.
- If necessary, disable hostname verification in SOAP UI (not recommended for production use).
Proxy and Firewall Configuration:
- If there is a proxy or firewall between the client and server, ensure that it is correctly configured to allow SSL traffic.
- Check for SSL inspection or interception that may be causing issues.
Debug SSL Handshake:
- Enable debugging in SOAP UI to get more detailed information about the SSL handshake process. This can help identify the specific issue causing the handshake failure.
Example Configuration
Here's an example of how you can configure SOAP UI to trust a self-signed server certificate:
- Export the server's certificate to a file (e.g.,
server.crt). - Open SOAP UI and go to File > Preferences > SSL Settings.
- Click "Add" to add a new Certificate Authority.
- Browse to the location of the
server.crtfile and import it. - Restart SOAP UI for the changes to take effect.
Summary
The javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure error in SOAP UI indicates a problem during the SSL handshake process. By following the troubleshooting steps and solutions outlined above, you should be able to identify and resolve the issue causing the handshake failure.
Examples
"SOAP UI SSLHandshakeException handshake_failure enable TLS"
Description: Ensure that SOAP UI is configured to use TLS by enabling TLS protocols.
Implementation:
<!-- In SOAP UI, edit the SoapUI-5.x.x.vmoptions file --> -Dsoapui.https.protocols=TLSv1.2 -Dsoapui.https.protocols=TLSv1.1 -Dsoapui.https.protocols=TLSv1
"SOAP UI SSLHandshakeException handshake_failure disable SSLv3"
Description: Disable SSLv3 in SOAP UI to avoid using outdated and insecure protocols.
Implementation:
<!-- In SOAP UI, edit the SoapUI-5.x.x.vmoptions file --> -Dsoapui.https.protocols=TLSv1.2,TLSv1.1,TLSv1 -Dsoapui.https.disableSsl3=true
"SOAP UI SSLHandshakeException handshake_failure update Java version"
Description: Update Java to a version that supports the necessary TLS protocols.
Implementation:
# Download and install the latest version of Java (e.g., OpenJDK 11) sudo apt update sudo apt install openjdk-11-jdk # Update the JAVA_HOME environment variable to point to the new Java installation export JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64
"SOAP UI SSLHandshakeException handshake_failure set SSLContext"
Description: Programmatically set the SSLContext to use TLS in SOAP UI.
Implementation:
import javax.net.ssl.SSLContext; import java.security.NoSuchAlgorithmException; public class SSLConfiguration { public static void main(String[] args) { try { SSLContext context = SSLContext.getInstance("TLS"); context.init(null, null, new java.security.SecureRandom()); SSLContext.setDefault(context); } catch (NoSuchAlgorithmException | java.security.KeyManagementException e) { e.printStackTrace(); } } }"SOAP UI SSLHandshakeException handshake_failure use custom truststore"
Description: Use a custom truststore in SOAP UI to trust specific certificates.
Implementation:
<!-- In SOAP UI, edit the SoapUI-5.x.x.vmoptions file --> -Djavax.net.ssl.trustStore=/path/to/custom/truststore.jks -Djavax.net.ssl.trustStorePassword=yourPassword
"SOAP UI SSLHandshakeException handshake_failure configure JVM options"
Description: Configure JVM options to specify TLS protocols.
Implementation:
<!-- In SOAP UI, edit the SoapUI-5.x.x.vmoptions file --> -Dsoapui.https.protocols=TLSv1.2 -Dhttps.protocols=TLSv1.2
"SOAP UI SSLHandshakeException handshake_failure import server certificate"
Description: Import the server's SSL certificate into the Java truststore.
Implementation:
# Export the server certificate echo -n | openssl s_client -connect yourserver.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > server-cert.pem # Import the certificate into the Java truststore keytool -import -alias yourserver -keystore $JAVA_HOME/jre/lib/security/cacerts -file server-cert.pem
"SOAP UI SSLHandshakeException handshake_failure configure SSL debug logs"
Description: Enable SSL debug logs to troubleshoot SSL handshake failures.
Implementation:
<!-- In SOAP UI, edit the SoapUI-5.x.x.vmoptions file --> -Djavax.net.debug=all
"SOAP UI SSLHandshakeException handshake_failure configure client certificate"
Description: Configure SOAP UI to use a client certificate for mutual SSL authentication.
Implementation:
<!-- In SOAP UI, configure the client certificate in Preferences --> <sslOptions> <keyStore>path/to/keystore.jks</keyStore> <keyStorePassword>yourPassword</keyStorePassword> <keyAlias>yourKeyAlias</keyAlias> </sslOptions>
More Tags
ios9 tmx tableau-api file-io collision retrofit2 kendo-template tablecellrenderer color-scheme window-soft-input-mode
More Programming Questions
- SQL | MINUS Operator
- Data analysis and Visualization with Python Pandas
- How to Save ArrayList to SharedPreferences in Android?
- The Zero Method in Numpy
- Check if file is a media file in C#
- PHP Imagecopy(): Add A Watermark To An Image
- Function Declarations And Function Prototypes in C Programming Language
- Linux groupadd Command: Add User Group
- Nested SSH session with Paramiko
- How to delete a file after checking whether it exists in C#
More Electrochemistry Calculators
- Free Online Electrolysis Calculator
- Free Online Cell EMF Calculator – Electromotive Force of a Cell
- Free Online Ionic Strength Calculator
- Free Online Lattice Energy Calculator
- Free Online Nernst Equation Calculator
More Statistics Calculators
- Free Online Mean, Median, Mode, Range Calculator
- Free Online Number Sequence Calculator
- Free Online Confidence Interval Calculator
- Free Online Permutation and Combination Calculator
- Free Online Statistics Calculator
More Various Measurements Units Calculators
- Free Online Speed Calculator
- Free Online Mass Calculator
- Free Online Density Calculator
- Free Online GDP Calculator
- Free Online Height Calculator