My Oracle Support Banner

TLSv1.2 Handshake Fails If Endpoint Chain Uses RSASSA-PSS Signature Algorithm (Doc ID 2759910.1)

Last updated on AUGUST 06, 2023

Applies to:

Oracle Service Bus - Version and later
Information in this document applies to any platform.


OSB is failing to call a business service which points to an HTTPS server listening for TLSv1.2 handshakes where part of server's certificate chain uses the RSASSA-PSS signature algorithm.

Java introduced support in jdk 1.8.0_251 however the weblogic certificate path validator still appears to reject the certificate.

Tried using the RSA JSSE implementation ( but the performance impacts are not acceptable.




To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.