We just migrated our Production quicbuild server from 6.0.9 to version 6.1.9. After the upgrade, we started having issues with one set of client boxs all give us the following error.
2016-07-20 16:06:04,816 ERROR - Error connecting server.
jvm 1 | com.caucho.hessian.client.HessianRuntimeException: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
jvm 1 | at com.caucho.hessian.client.HessianProxy.sendRequest(HessianProxy.java:285)
jvm 1 | at com.caucho.hessian.client.HessianProxy.invoke(HessianProxy.java:171)
jvm 1 | at com.sun.proxy.$Proxy0.connect(Unknown Source)
jvm 1 | at com.pmease.quickbuild.bootstrap.Bootstrap.init(Bootstrap.java:326)
jvm 1 | at com.pmease.quickbuild.bootstrap.Bootstrap.main(Bootstrap.java:125)
jvm 1 | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
jvm 1 | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)
jvm 1 | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)
jvm 1 | at java.lang.reflect.Method.invoke(Method.java:611)
jvm 1 | at org.tanukisoftware.wrapper.WrapperStartStopApp.run(WrapperStartStopApp.java:400)
jvm 1 | at java.lang.Thread.run(Thread.java:761)
jvm 1 | Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
jvm 1 | at com.ibm.jsse2.o.a(o.java:36)
jvm 1 | at com.ibm.jsse2.o.a(o.java:43)
jvm 1 | at com.ibm.jsse2.SSLSocketImpl.b(SSLSocketImpl.java:32)
jvm 1 | at com.ibm.jsse2.SSLSocketImpl.a(SSLSocketImpl.java:626)
jvm 1 | at com.ibm.jsse2.SSLSocketImpl.h(SSLSocketImpl.java:39)
jvm 1 | at com.ibm.jsse2.SSLSocketImpl.a(SSLSocketImpl.java:656)
jvm 1 | at com.ibm.jsse2.SSLSocketImpl.startHandshake(SSLSocketImpl.java:533)
jvm 1 | at com.ibm.net.ssl.www2.protocol.https.c.afterConnect(c.java:49)
jvm 1 | at com.ibm.net.ssl.www2.protocol.https.d.connect(d.java:24)
jvm 1 | at sun.net.
www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1043)
jvm 1 | at com.ibm.net.ssl.www2.protocol.https.b.getOutputStream(b.java:71)
jvm 1 | at com.caucho.hessian.client.HessianURLConnection.getOutputStream(HessianURLConnection.java:101)
jvm 1 | at com.caucho.hessian.client.HessianProxy.sendRequest(HessianProxy.java:283)
jvm 1 | ... 10 more
The boxes were working before the upgrade. This issue currently impacts about 40 platforms all AIX. Can anyone give us a reason?
The documentation that I have seen states that SSLv3 has been disabled since 6.0.25. We can see via tracing that the failing agents are sending via SSLv3. We cannot find anything that we can configure that would force the agent to use something else. We desperately need assistance on this.