OFTP2-TLS Handshake fails when opening outbound connection

Troubleshooting

Problem

Symptom

When attempting to open an outbound OFTP over TLS connection to a Trading partner an SSL Handshake Error occurs

Cause

Using a tool like tcpdump/etherreal/wireshark to inspect the outbound connection shows this:
Secure Sockets Layer
SSLv2 Record Layer: Client Hello
[Version: SSL 2.0 (0x0002)]
Length: 52
Handshake Message Type: Client Hello (1)
Version: TLS 1.0 (0x0301)
Cipher Spec Length: 27
Session ID Length: 0
Challenge Length: 16
Cipher Specs (9 specs)
Challenge

where the Client Hello is wrapped in a SSLv2 Envelope and the Partner does reply

Secure Sockets Layer
TLSv1 Record Layer: Alert (Level: Fatal, Description: Handshake Failure)
Content Type: Alert (21)
Version: TLS 1.0 (0x0301)
Length: 2
Alert Message

Diagnosing The Problem

get a tcpdump or wireshark trace

Resolving The Problem

Install FixPack 2 for IBM Sterling B2B Integrator 5.2.4

[{"Product":{"code":"SS3JSW","label":"IBM Sterling B2B Integrator"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Adapters","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.2.4.1;5.2.4;5.2.3;5.2.2;5.2.1;5.2;5.1;5.0","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]

Tips

OFTP2-TLS Handshake fails when opening outbound connection

Troubleshooting

Problem

Symptom

Cause

Diagnosing The Problem

Resolving The Problem

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?