DX Operational Intelligence

Expand all | Collapse all

TLS 1.2 , SOI to UIM

  • 1.  TLS 1.2 , SOI to UIM

    Posted 09-01-2016 02:28 AM

    Hi...,

    I want to ask about Java TLS,

    In java version 1.7  TLS default is TLS 1.0. but in SOI we set to TSL 1.2.

    When I deploy custom probe SOI to UIM, the probe log have message error:

    Reason is javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

     

    I’m already change TSL in my computer and in hub to TSL 1.2, and re-deploy the custom probe , but its still have same error.

     

    In  APM we set TSL to TSL 1.2 too, the probe is working.

    Its works in APM but doesn’t works in SOI.

     

    Any suggestion?

     

    Thanks



  • 2.  Re: TLS 1.2 , SOI to UIM

    Broadcom Employee
    Posted 09-01-2016 06:16 AM

    Please refer CA SOI r4.0  release notes

     

    CA SOI supports Java 8 and Tomcat 7.0.62 to handle POODLE vulnerability.

    CA SOI 4.0 supports Java 8 and Tomcat 7.0.62, which have an option to disable SSL v3 and enable TLS 1.0, 1.1 & 1.2. The upgraded Java and Tomcat versions prevent the cryptographic security breach. Click here to know more about the POODLE vulnerability.

     

    New Features - CA Service Operations Insight - 4.0 CU1 - CA Technologies Documentation 



  • 3.  Re: TLS 1.2 , SOI to UIM

    Posted 09-01-2016 07:05 AM

    Hi , 

    I deploy my custom probe SOI to UIM ,

    in SOI we disable TLS 1.0 and 1.1 , but enable 1.2

    path :  "CA\SOI\SamUI\conf\server.xml"

    [ sslEnabledProtocols="TLSv1.2" ]

     

    and my custom probe is not working , and have message like this :

    Reason is javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure.

     

    but when i enable TLS 1.0  and TLS 1.1 , my custom probe is working.

     

    I also do this setup (disable TLS 1.0 and 1.1) in  APM

    and my custom probe APM to UIM still working

     

    notes:

    My custom probe SOI is to get value data from SOI server and put it to UIM (database) via webservice

     

    can u give us any suggestion?

    Thanks 



  • 4.  Re: TLS 1.2 , SOI to UIM

    Broadcom Employee
    Posted 09-01-2016 07:43 AM

    The Java 1.7 does not support TLS 1.2.

     

    The SOI supports TLS 1.2 only from release 4.0. This is because we have added support for Java 8. I hope this answers your query.