WebService call fails with "got FabricInvocationException javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure" on JDK 1.7 (Doc ID 2174577.1)

Last updated on MAY 10, 2017

Applies to:

Oracle WebLogic Server - Version 11.1.1.7.0 and later
Information in this document applies to any platform.

Symptoms

An application deployed on Weblogic 10.3.6 is making a call to secured webservice which requires 'TLS_RSA_WITH_AES_128_CBC_SHA256' cipher for a successful handshake.

Weblogic 10.3.6 is running on JDK 1.7 with JSSE enabled so TLS 1.1 and TLS 1.2 protocols are supported.

According to the following document "TLS_RSA_WITH_AES_128_CBC_SHA256" cipher is only available for TLS 1.2 protocol or later :

Link : https://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html

When we force Weblogic to use this cipher we see the following errors in the logs :

Log says "TLS_RSA_WITH_AES_128_CBC_SHA256" is not supported and hence the handshake fails.

Enabling JCE did not help either.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms