After Enabling TLS 1.2 For EBS instance, Punchout to a TLS 1.2 Remote Site Is Negotiated Down To TLS 1.0 Or Errors With 'javax.net.ssl.SSLHandshakeException' If The Remote Site Accepts TLS 1.2 Only
(Doc ID 2361848.1)
Last updated on FEBRUARY 20, 2023
Applies to:
Oracle E-Business Suite Technology Stack - Version 12.1.1 to 12.2 [Release 12.1 to 12.2]Information in this document applies to any platform.
Symptoms
- Configured TLS (either TLS 1.2 with Backwards Compatibility or TLS 1.2 Only) for E-Business Suite following either <Note:376700.1> or <Note:1367293.1>
- The end user is punching out to a site that has upgraded their protocol to only accept TLS 1.2 connections
- The EBS user sees their connection trying to be re-negotiated down to TLS 1.0
- or -
- The end user encounters an error similar to:
java.io.IOException: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
at oracle.apps.icx.punchout.util.HttpsURL.createConnection(HttpsURL.java:553)
at oracle.apps.icx.punchout.util.HttpsURLConnection.connect(HttpsURLConnection.java:243)
Changes
The remote web site has upgraded their protocol to only accept TLS 1.2 for incoming connections.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |