developer.authorize.net developer.cybersource.com
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a question

TLSv1 calls still happening after protocol update

I'm using groovy/grails with Java 1.7.0_71 and the latest version of the auth.net java sdk plugin (v1.9.3 from April 2017)

 

I've added the following arguments to my VM options:

-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2
-Djdk.tls.client.protocols=TLSv1.1,TLSv1.2
-Djavax.net.debug=ssl:handshake

 

I've updated my JRE security jars to the Unlimited JCE Policy.

 

And yet attempts to processes any auth.net transactions are done in v1

 

http-nio-8082-exec-1, WRITE: TLSv1 Handshake, length = 163
http-nio-8082-exec-1, handling exception: java.net.SocketException: Connection reset
http-nio-8082-exec-1
, SEND TLSv1 ALERT:
fatal,
description = unexpected_message

 

 

Any help would be greatly appreciated. Thank you.

jstory
Member

‎05-16-2017 10:05 AM

0 Kudos
3 REPLIES 3 

try {
        SSLContext ctx = SSLContext.getInstance("TLSv1.2");
        ctx.init(null, null, null);
        SSLContext.setDefault(ctx);
} catch (Exception e) {
        System.out.println(e.getMessage());
}
Powered by NexWebSites.com -
Certified Authorize.net developers
NexusSoftware
Trusted Contributor

‎05-16-2017 02:31 PM

0 Kudos

Thanks for the tip. I've tried that in the past and it didn't work. I tried it again just in case and still no go.

 

Handshakes are still over v1 and I wrote some code to check on available protocols vs enabled protocols and, as you can see, TLAv1.2 is available but not enabled ... the trouble, obvi, is I still haven't found the way to enable it.

 

"Supported Protocols: 5",
"SSLv2Hello",
"SSLv3",
"TLSv1",
"TLSv1.1",
"TLSv1.2",
"Enabled Protocols: 2",
"SSLv3",
"TLSv1"

jstory
Member
In response to NexusSoftware

‎05-17-2017 08:57 AM

0 Kudos

Another way ...
final SSLContext ctx = SSLContext.getInstance("TLSv1.2");
			ctx.init(null,null, new java.security.SecureRandom());
			final SSLSocketFactory socketFactory = ctx.getSocketFactory();
			HttpsURLConnection.setDefaultSSLSocketFactory(socketFactory);
Powered by NexWebSites.com -
Certified Authorize.net developers
NexusSoftware
Trusted Contributor
In response to jstory

‎05-17-2017 01:39 PM - edited ‎05-17-2017 01:43 PM

0 Kudos
Copyright © 2024 Khoros, LLC