Siebel JBS - TLSv1.2 handshake fails for Java code on AIX platform - no protocol renegotiation happening
(Doc ID 2822521.1)
Last updated on NOVEMBER 25, 2021
Applies to:Siebel Finance CRM Service - Version 20.4 and later
Information in this document applies to any platform.
Siebel EAI - On version: 20.4
On a Test / UAT environment, a Java Business Service (JBS) was implemented to communicate with a remote system - using custom Java code. The requirement was to do this using only TLS1.2 protocol (as per external system setup and requirements).
This was causing handshake errors being reported in Siebel; if the remote system is set to accept temporarily TLS1.0, then the communication goes well.
The JBS call is using JAVA64 named subsystem with: "CONTAINERURL = http://localhost:9012/siebel/jbs"
On same environment, an Outbound HTTPS Business Service call using TLS1.2 is working with no problems - confirming the setenv.sh settings were correctly in place as per <Document:2321673.1> .
This second Business Service is using JavaContainerSubsys with: "CONTAINERURL = http://localhost:9012/siebel/outboundeai"
Errors seen in the Siebel AOM log:
and Tomcat log (catalina.out)
The steps to replicate the issue on that specific environment were:
1. Check and confirm that setenv.sh file has already the required settings in place:
CATALINA_OPTS="-Djavax.net.ssl.minimumProtocolVersion=TLSv1.2 -Dhttps.protocols=TLSv1.2 -Ddeployment.security.TLSv1.2=true"
2. Test the JBS execution - and see the handshake failure for TLSv1.2;
3.Test the Outbound HTTPS execution - and see that completing fine with TLSv1.2 protocol;
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document