REST method giving a SSL handshake error - fatal alert: handshake_failure

Document ID : KB000074760
Last Modified Date : 15/05/2018
Show Technical Document Details
When using the REST step I am receiving a SSL handshake failure.
The same process works in the REST client Postman and in Fiddler after configuring https.protocols=TLSv1.2.
The following exception is received with DevTest Workstation, REST step.
| Message: Received fatal alert: handshake_failure
| Trapped Exception: Received fatal alert: handshake_failure
| Trapped Message: Received fatal alert: handshake_failure
STACK TRACE Received fatal alert: handshake_failure
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection
Devtest 10.1, 10.2 and 10.3
From the HTTP/SSL debug log, looks like Server immediately throws handshake failure when Client Hello is done. It seems to be SNI issue. 
There is a known issue with Java 8 supporting SNI correctly in all versions before 8u152.
Versions after this should function correctly, but versions prior to this may not send SNI information when expected. 
Here are the steps you can follow to update the jre with DevTest installation. 
1. Download Java SE Development Kit 8u152. You can use the link below: 
2. After the download, open the jdk exe file and install it on your environment. 
3. Stop DevTest Workstation. 
4. Go to $LISA_HOME and rename the folder jre to jre_old.
4. When the installation is completed, go to where the new JDK was installed and copy the jre folder. Usually the new JDK will be installed under C:\Program Files\Java\jdk1.8.0_152. 
5. Place the new jre folder under $LISA_HOME. 
6. You will need to copy the following files from the jre_old to the new jre folder: 
From $LISA_HOME/jre_old/lib/ext/, copy tools.jar to $LISA_HOME/jre/lib/ext/. 
From $LISA_HOME/jre_old/lib/security/, copy local_policy.jar and US_export_policy.jar to $LISA_HOME/jre/lib/security/. 
7. Start DevTest Workstation. 
8. Try to send the request to your target URL. You should get a successful response this time.
Additional Information:
If the issue is happening in the Simulators, VSE then all the DevTest components need to follow the above steps.
For more information regarding SNI, please refer to the link below: