Hi there,

We have been using on a regular basis the Apache Http Java library to make the requests to the endpoint /person on the API host

Since yesterday we have started to get the following exception: Received fatal alert: handshake_failure

Based on our experience, when that exception comes up, it is typically related with the fact that the client making the request is not using the appropriate version of TLS expected by the server. We currently support TLSv1, TLSv1.1 and TLSv1.2.

We have also seen this exception when some API providers have been retrofitting their API to be fully PCI compliant, so in our servers we had to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files.

Have you recently made any changes or updates that could explain this? Any other idea or suggestion about what may be going wrong?

Many thanks in advance,

Hey Luis,

You are spot-on with this. Yesterday we removed support for TLSv1 & TLSv1.1 (which is why you received that error), but we had failed to communicate this change publicly so we quickly re-added that support (so it should work fine now).

Currently the plan is still to remove support for TLSv1 & TLSv1.1, but we will give ample warning so that any and all changes can be made prior to the update.

I do extremely apologize for the disruption and please feel free to add any input on this that you have. :slight_smile:

Hi David,

As we support TLSv1.2 even removing support for TLSv1 and TLSv1 we should be safe, shouldn’t we?

The last time we got that exception was about one hour ago, so I have the feeling there must be something else. Any other thing that may explain this? We haven’t changed anything on our end recently.

Many thanks,

Hi Luis,

It looks like there was another part that didn’t get reverted which now is - it should be good now.
Let me know if it continues to not work.

Hi David,

Last execution about two hours ago went on well.

Many thanks,

1 Like