Author Message
EugenioRomagnoli
Joined: Nov 28, 2013
Messages: 59
Offline
Dear DevConnect,

we have done almost everything to force the client IVR application (developed with OD 7.2.3) which consumes Axis2 web services from a TLSv1 legacy Server (TLSv1 is the only protocol it supports).

We get the following exception:

[19/11/20 10:49:12:119 ART] 000000dc HTTPSender I org.apache.axis2.transport.http.HTTPSender sendViaPost Unable to sendViaPost to url[https://serviciosIVRMacro:9901/AST-WS-CTS-VERIFICACION_OFFLINE_BV/services/VerificacionOfflineBV]
org.apache.axis2.AxisFault: Server chose TLSv1, but that protocol version is not enabled or not supported by the client.
at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)


IBM support says that the problem is that the Axis2 libs from the Avaya runtime framework, that uses the ivr application, forces TLSv1.2

Could this be true ?? If so, is there a was to change this behaviour ??

We tried everything at the Webshere WAS where the IVR application runs... trying to force the SSL protocols.
With no changes....

regards,
Eugenio
Filename logError-ServerHello TLSv1.txt [Disk] Download
Description Logs from WAS WebSphere 9.0.5
Filesize 247 Kbytes
Downloaded: 1195 time(s)

WilsonYu
Joined: Nov 6, 2013
Messages: 3946
Offline
We do force OD (which is the http client) in this case to support TLSV1.2 as the requirement. I don't know if there is anyway around it. You maybe need to either fall back to the earlier version of OD or upgrade the web service security.
EugenioRomagnoli
Joined: Nov 28, 2013
Messages: 59
Offline
Hi WilsonYu,

Thanks for your response.

Please, I need you to confirm me if you mean that:

1. OD 7.2.3 PDC for Axis2 only connects (as a client) using TLSv1.2.
2. OD 7.2.3 is not compatible with legacy protocols like TLSv1 compatible (does not allow to negociate, it fixed the protocol to only allow TLSv1.2) .

Is this correct ??

Please, if you can contact me at: eromagnoli@belltech.la
I would like to talk to you about this case.

best regards,
Eugenio
WilsonYu
Joined: Nov 6, 2013
Messages: 3946
Offline
Yes, we started to enforce TLSv1.2 in 7.2.
chukiatdenkongpon
Joined: Nov 7, 2013
Messages: 97
Offline
Hi

Is it have any solution to force OD 7.0.1 using TLS1.2 with JRE1.7?
Please advice

Chukiat D.
WilsonYu
Joined: Nov 6, 2013
Messages: 3946
Offline
There is no such solution.
Go to:   
Mobile view