Received fatal alert: handshake_failure

Document ID : KB000014151
Last Modified Date : 02/10/2018
Show Technical Document Details

When I make a call to the REST API using DevTest workstation, I am encountering the following errors: " Received fatal alert: handshake_failure". 

 | Message: Received fatal alert: handshake_failure 

| Trapped Exception: Received fatal alert: handshake_failure 
| Trapped Message: Received fatal alert: handshake_failure 
STACK TRACE Received fatal alert: handshake_failure 
at Source) 
at Source) 
at Source) 
at Source) 
at Source) 
at Source) 
at Source) 

pool-1-thread-1, RECV TLSv1 ALERT:  fatal, internal_error

pool-1-thread-1, called closeSocket()


All supported versions of DEVTEST

To get more specific information on what is causing the handshake failure, we need to collect more information regarding the SSL handshake failure.
In the DevTest Workstation, under Help menu there is a HTTP/SSL Debug viewer that lets we observe the details of HTTP and SSL activity in DevTest Workstation. This feature can be helpful in performing diagnostics.
To access HTTPS and SSL Debug Viewer documentation, please take a look at the following link:


One of the common causes for the handshake failure, is when the client application (DevTest Workstation) sends a request using a TLS version that is not supported by the server.
Example, DevTest Workstation uses TLSv1 and the Server does not accept it.
In this case, we will see something like
*** ClientHello, TLSv1
And after few lines you see a TLSv... fatal alert, it can be that the Client Hello is being executed with a TLS version not supported by the server.
In this case, we need to update the with the following property:
for TLS version 1.2:


for TLS version 1.1:


Save the properties files and restart the Workstation.

If we see the server is requesting a certificate and the Workstation is not providing the client authentication, for the REST step we will need to provide the client keystore in the under the two properties below:

ssl.client.cert.pass=[your keystore password] 
ssl.client.cert.path=[path to your keystore ]……… [path usage :  ‘ / ‘ not backward. ex: c:/mykeystore.jks]

Save the properties file and restart the Workstation.

Additional Information:

How to use different SSL Certificates for REST calls.