Java application fails with SSLHandshakeException

Symptoms

When a Java application attempts to connect to the Event Gateway, it fails to establish an SSL connection, and throws the following exception:

javax.net.ssl.SSLHandshakeException: Received fatal alert: protocol_version

Causes

The Event Gateway default deployment is to allow only TLS v1.3 application connections. The version of Java being used to run the application does not support this level of the TLS protocol.

Resolving the problem

To resolve the problem, configure the gateway instance to support earlier versions of the TLS protocol.

Kubernetes Deployment gateways

In the Kubernetes Deployment gateways, set tls.versions in the ConfigMap:

apiVersion: v1
kind: ConfigMap
metadata:
  name: "<gateway group>-<gateway id>-config"
  labels:
    app: "testexample"
    gatewayGroup: "<gateway group>"
    gatewayId: "<gateway id>"
data:
  gateway.properties: |
    tls.versions="TLSv1.2,TLSv1.3"

Operator-managed gateways

In operator-manager Event Gateways, set the TLS_VERSIONS environment variable in the custom resource.

    env:
    - name: TLS_VERSIONS
      value: 'TLSv1.2,TLSv1.3'

Docker gateways

In Docker Event Gateways, set the TLS_VERSIONS argument in the Docker run command: docker run -e TLS_VERSIONS="TLSv1.2,TLSv1.3"