IBM Support

OFTP2-TLS Handshake fails when opening outbound connection

Technote (troubleshooting)


OFTP2-TLS Handshake fails when opening outbound connection


When attempting to open an outbound OFTP over TLS connection to a Trading partner an SSL Handshake Error occurs


Using a tool like tcpdump/etherreal/wireshark to inspect the outbound connection shows this:

Secure Sockets Layer
SSLv2 Record Layer: Client Hello
[Version: SSL 2.0 (0x0002)]
Length: 52
Handshake Message Type: Client Hello (1)
Version: TLS 1.0 (0x0301)
Cipher Spec Length: 27
Session ID Length: 0
Challenge Length: 16
Cipher Specs (9 specs)

where the Client Hello is wrapped in a SSLv2 Envelope and the Partner does reply

Secure Sockets Layer
TLSv1 Record Layer: Alert (Level: Fatal, Description: Handshake Failure)
Content Type: Alert (21)
Version: TLS 1.0 (0x0301)
Length: 2
Alert Message

Diagnosing the problem

get a tcpdump or wireshark trace

Resolving the problem

Install FixPack 2 for IBM Sterling B2B Integrator 5.2.4

Document information

More support for: Sterling B2B Integrator

Software version: 5.0, 5.1, 5.2, 5.2.1, 5.2.2, 5.2.3, 5.2.4,

Operating system(s): Platform Independent

Reference #: 1634245

Modified date: 26 April 2013

Translate this page: