2604240 - TLS handshake failure due to missing SNI extension | SAP Knowledge Base Article

SAP Knowledge Base Article - Preview

2604240 - TLS handshake failure due to missing SNI extension

Symptom

A TLS connection from the AS Java using the IAIK library (SAP Note 2284059) fails with the following trace:

ssl_debug(6): Starting handshake (iSaSiLk)...
ssl_debug(6): Sending v3 client_hello message to <server>, requesting version <TLS version>...
ssl_debug(6): Sending extensions: renegotiation_info (XXXX), signature_algorithms (XX)
ssl_debug(6): IOException while handshaking: Connection reset
ssl_debug(6): Sending alert: Alert Fatal: handshake failure
ssl_debug(6): Exception sending message: java.net.SocketException: errno: 32 (Broken pipe), error: Write failed (local port XXXXX to address <IP> (<domain>), remote host unknown)
ssl_debug(6): Shutting down SSL layer...
ssl_debug(6): Closing transport...

Note that the connection is reset right after sending the extensions (bold part above).


Read more...

Environment

SAP NetWeaver Application Server Java

Product

SAP NetWeaver Application Server for Java all versions

Keywords

ssl pi xi adapter soap , KBA , BC-JAS-SEC-CPG , Cryptography , BC-XI-CON-SOP , SOAP Adapter , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.