search

ibmruntimes / ci.docker

Dockerfiles and build scripts for generating various Docker Images related to IBM Runtimes
Apache License 2.0
45 stars 35 forks source link

Q: setting SSL? #63

Closed composer22 closed 4 years ago

composer22 commented 5 years ago

Trying to use: ibmjava:8-jre-alpine along with spring boot.

We've been using this image for over a year, including latest, and we are now getting exceptions around TLS 1.2. Such as this example

org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://FOO": Connection reset; nested exception is java.net.SocketException: Connection reset

or

Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
    at com.ibm.jsse2.at.a(at.java:145) ~[na:8.0

Works fine in openjdk and using cURL

Q: are there any special settings we need to include in this image to configure? Tried

to no affect

as recommended:

https://www-01.ibm.com/support/docview.wss?uid=nas8N1022279

Any ideas appreciated.

amnpandey commented 5 years ago

Please add "-Dcom.ibm.jsse2.overrideDefaultTLS = true" and check if it works

We need to add all the below 3 for TLSv1.2: -Dcom.ibm.jsse2.overrideDefaultTLS = true -Djdk.tls.client.protocols = TLSv1.2 -Dhttps.protocols = TLSv1.2

dinogun commented 5 years ago

@composer22 Did the above help ? Were you able to fix your issue ?

dinogun commented 4 years ago

closing as fixed.