In SOAP latest version 5.7.0, trying to check SOAP request for java based application. But, getting below error. Tried multiple options provided over stack overflow to update "set JAVA_OPTS=%JAVA_OPTS% -Dsoapui.https.protocols="TLSv1.2" in soapui batch file and "-Dsoapui.https.protocols=TLSv1.2" in SoapUI-5.7.0.vmoptions file. Also, try to update same at java level as well. Still same issue is occuring.
ERROR:Exception in request: javax.net.ssl.SSLHandshakeException: The server selected protocol version TLS10 is not accepted by client preferences [TLS12]
FYI, this was working in previous version of SOAP but after upgrade same thing is not working as expected.
It will be helpful that solution is provided for same.
Solution on TLS related error in latest SOAP UI 5.7.0
Try with following:
Open "C:\Program Files\SmartBear\SoapUI-5.7.0\bin\SoapUI-5.7.0.vmoptions"
Append -Dweblogic.security.SSL.minimumProtocolVersion=TLSv1.0 if it's not there already.
Then Open "C:\Program Files\SmartBear\SoapUI-5.7.0\jre\conf\security\java.security"
Find jdk.tls.disabledAlgorithms, either comment it with # or remove specific versions, e.g. TLSv1, TLSv1.1
Restart SoapUI and try again.
Related
I have a soap service deployed on wso2 apim 4.0.0. While working with the api I randomly (rarely) get an error - "Content is not allowed in prolog". Is there any component of the configuration to be tuned to overcome this issue? Another version of the cause of this error, I found out in the article, this might be caused by a consumer that is not able to properly invoke the api. Any hint to find out the root of the problem is appreciated.
Enable wire logs[1] and check whether the backend is sending a corrupted response while you are reproducing the issue.
A corrupted response means such as a chunked response but, the Content-Length header is available in the response.
You can compare the wire logs for both the happy path and the issue scenario.
[1] https://apim.docs.wso2.com/en/latest/integrate/develop/using-wire-logs/
I have a webservice wsdl, i need to hit it and parse the response.
I am able to hit it from my IDE Eclipse, but when i make a runnable jar file it shows following error.
java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(SocketInputStream.java:209)
at java.net.SocketInputStream.read(SocketInputStream.java:141)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
at sun.security.ssl.InputRecord.read(InputRecord.java:503)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
We have already performed whitelisting related work at server end but still the problem remains the same.
Can anyone suggest anything ..
Thanks
After so many searching and implementations, I've found one line which solved it. Server environment was not supporting my protocol.
I added below line it solved the problem
System.setProperty("https.protocols", "TLSv1");
This problem was because the protocol at client side was not same as protocol used at server side. So to bypass it we can set property according to server side ans our request will be successful.
I try to use WSO2 ESB at workplace where Proxy Server is available.
Set Proxy Server settings in axis2.xml,
Install certificate.
Initialize Salesforce connector(Salesforce certificate has been installed).
Test the API, run into an exception - SOAPProcessingException,
Really appreciate if someone can give ideas of solution.
First of all I have tried this type of a scenario using WSO2 ESB 4.9.0 and which was perfectly working fine. By looking at your error messages I can see that there was an Authentication failure, hence Sales Force end point returns some HTML error message. The ESB tries to build this HTML error message using the SOAP builder leading to this situation.
This could be due to some missing configuration in your setting. You may follow [1] to enable HTTP Proxy to Sales Force. Then to setup Sales Force [2] will be helpful.
Couple of thing I need to highlight here. Did you import the Salesforce certificate into the ESBs client trust store using the keytool import command. If not please go ahead and do so. Also is there a particular reason for you to use NHTTP transport here. Ideally we would use Passthrough transport to add the proxy host as given in [1].
If you still get the error after following the above steps please enable the wirelogs and post it here to investigate further. Follow these steps to enable wirelogs.
Open log4j.properties file from a text editor.
log4j.properties file is located in $ESB_HOME/repository/conf directory.
Un-comment the following entry.
log4j.logger.org.apache.synapse.transport.http.wire=DEBUG
Hope this helps you.
[1] https://docs.wso2.com/display/ESB470/Enabling+SSL+Tunneling+through+a+Proxy+Server
[2]https://docs.wso2.com/display/ESBCONNECTORS/Working+with+Salesforce+Connector+Operations
I am setting up a new WSO2 EMM server and, in order to maintain my organization's PCI DSS certification, I have to disable support for any encryption protocol lower than TLSv1.1 before I can put it into production (see this for more information on PCI 3.1).
I edited the file /repository/conf/tomcat/catalina-server.xml as per the documentation. Here is what I tried:
I changed the attribute sslEnabledProtocols from TLS to TLSv1.1,TLSv1.2, but this generates the error
ERROR {org.wso2.carbon.tomcat.internal.CarbonTomcat} -
LifeCycleException while starting tomcat connector
{org.wso2.carbon.tomcat.internal.CarbonTomcat}
in my wso2carbon.log and I'm unable to log into the EMM web console.
Does anyone know how to disable TLSv1.0 without breaking my installation?
cheers,
Found it!
you have to get rid of sslProtocol attribute and replace it with sslEnabledProtocols, they look very similar.
I have an secure external webservice at URL https://my-webservice-path?wsdl, and i want to connect to use this. This is a 2-way ssl.
I create a webservice client in following:
Create an java application Application1
at Project window, click Application1 icon -> new -> Web service client
paste my URL at WSDL URL, client type is JAX-WS, package: com.mypackage
finish
But an error appears: Error: An I/O error occured. Received fatal alert: handshake_failure
And i can not create Web Service References. I use Glassfish 3.0.1 server.
I tried to replace the alias s1as in keystore.jks and cacerts.jks of the Glassfish by my keypair and certificate, but it still fails.
I also tried to use wsimport parsing wsdl file but fail:(
I posted this question in Oracle Forum at http://forums.oracle.com/forums/thread.jspa?threadID=2214292&tstart=0 but get no answer.
i've tried to solve this for 2 days :(
What can i do now to solve this problem?
Plz help me, thank you!
please check out the answer from Catchwa in Mutual-authentication with web services. The steps to implement a glassfish based mutual authentication are described in detail.