IT Process Automation

  • 1.  WSDL is working in SOAP UI but not in ITPAM

    Posted Apr 16, 2019 06:20 PM

    i am trying to run a webservice and it works from SOAP UI but the same is not working in ITPAM. i am getting an error as ' SOAP invocation failed: java.security.PrivilegedActionException: com.sun.xml.messaging.saaj.SOAPExceptionImpl: Message send failed'

     

    we are using ITPAM - 4.2 sp02

     

    the destination system is using TLS1.2

     

    did anyone face similar issue? Any solution would be really appreciated.



  • 2.  Re: WSDL is working in SOAP UI but not in ITPAM

    Broadcom Employee
    Posted Apr 18, 2019 08:56 AM

    You are seeing a SSL Protocol error:
    2019-04-15 12:50:48,998 ERROR [com.optinuity.c2o.service.serviceoperation.soapserviceoperation.SoapClient] [5a-4a7db33f2332] java.security.PrivilegedActionException: com.sun.xml.messaging.saaj.SOAPExceptionImpl: Message send failed
    com.sun.xml.messaging.saaj.SOAPExceptionImpl: java.security.PrivilegedActionException:

    ... 8 more
    Caused by: javax.net.ssl.SSLException: Received fatal alert: protocol_version

     

    This error, Received fatal alert: protocol_version, indicates a mismatch in the security protocol between the sending application and the receiving wsdl. You can read more about this here:
    https://stackoverflow.com/questions/16541627/javax-net-ssl-sslexception-received-fatal-alert-protocol-version

     

    but in general we see this issue when Process Automation is using JDK 7(default TLS 1.0), and the end application is using JDK 8 (default TLS 1.2) or the reverse.

     

     

     

    I have done a bit of research on this, and I do not think we are going to be able to force TLS 1.2 for you.   From reviewing some internal documentation around forcing TLS 1.2 I have found that this will only work correctly at JDK version 1.7.0_95 or later.  Except that the highest Java 7 version that 4.2 functions correctly with is 1.7.0_79 due to some security changes oracle made:

    Process Automation: Upgraded to JDK 8. Showing a - CA Knowledge 

     

    3.  Install older JDK.

       For 4.3 and 4.3 sp1: JDK 1.8.0_90 or earlier,

       For all 4.2.x releases: JDK 1.7.0_79 or earlier.

     

    I think your only option in Process Automation 4.2 sp2 will be to work with the end WSDL team to open up and allow the lower TLS security protocols to be able to access this WSDL.