• Register
search
Log In
0 votes
238 views

Problem :

Has anyone faced this error before? I am new to SSL
javax.net.ssl.sslexception: received fatal alert: protocol_version
6.9k points

2 Answers

0 votes

Solution :

I found bellow solution to your SSL Cert issue

java.lang.System.setProperty("https.protocols", "TLSv1,TLSv1.1,TLSv1.2");

This is necessary with Java 7 and a TLSv1.2 site.

I checked the site with:

openssl s_client -connect www.st.nmfs.noaa.gov:443

using

openssl version
OpenSSL 1.0.2l  25 May 2017

and got the result:

...
SSL-Session:
   Protocol  : TLSv1.2
   Cipher    : ECDHE-RSA-AES256-GCM-SHA384
...

Please note that older openssl version on my mac did not work so I had to use the macports one.

Further Readings:

36.1k points
0 votes

This error usually occurs when the user tries to establish the connection between the Jenkins and external applications.

Environment:

The following are the environments in which this error can occur;

  • CloudBees Core
  • CloudBees Jenkins Enterprise
  • CloudBees Jenkins Platform

Resolution:

  • This error indicates that an incorrect TLS version is being used between Jenkins and the external applications. Jenkins expects to use the TLS v1.2 but older plugins and applications may be using the v1.0 or v1.1.
  • First, the user can try settings the JVM argument –Dhttps.protocols=TLSv1.2 to make sure that Jenkins uses only TLS v1.2. If this method does not solve the issue, then the issue is with the plugin or the external application itself.
  • Also, make sure that your plugins are up to date and looking for any issue regarding the TLS connections if the issue is coming from a special plugin.
  • Check the external server to make sure that it is using the correct TLS version.

Example:

For example, a Windows Team Foundation Server may need to have registry key similar and added to enforce the use of TLS v1.2:

32 Bit (DWORD would be 32 bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319] "SchUseStrongCrypto"=dword:00000001

64 Bit (DWORD would be 32 bit) 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001

 

3.9k points

Related questions

0 votes
1 answer 129 views
129 views
Problem : I am trying to call an SSL protected web service running on JDK7 based client, but getting bellow error javax.net.ssl.sslexception received fatal alert unexpected_message
asked Nov 5, 2019 peterlaw 6.9k points
0 votes
3 answers 131 views
131 views
Problem : I am trying to setup a SSL Socket connection. But i am getting below error javax.net.ssl.sslhandshakeexception received fatal alert bad_certificate
asked Oct 23, 2019 peterlaw 6.9k points
0 votes
1 answer 147 views
147 views
Problem : I have a java complied package and it is sopposed to communicate with https server on net. But when i try running the compilation gives the following exception: javax.net.ssl.sslexception: unrecognized ssl message, plaintext connection?
asked Oct 23, 2019 peterlaw 6.9k points
0 votes
2 answers 382 views
382 views
Problem: I am attempting to download records from a https webpage and continue getting the accompanying error: OpenSSL: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure Unable to establish SSL connection. From perusing sites online I assemble I need to give ... alternative however that didn't work. wget version: wget-1.13.4 openssl version: OpenSSL 1.0.1f 6 Jan 2014
asked Nov 30, 2019 alecxe 7.5k points
0 votes
1 answer 452 views
452 views
Problem : I had to remove a +CompatEnvVars from following : SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire As it said it was an invalid command or something. So having removed that and following a instructions to a nail it get below error: ... maximum permissible length. (Error code: ssl_error_rx_record_too_long) I am very new to SSL, any advice on what is going wrong?
asked Jan 17 jwilliam 3.9k points