Symptoms
When a Java application attempts to connect to the Event Gateway, it fails to establish an SSL connection, and throws the following exception:
javax.net.ssl.SSLHandshakeException: Received fatal alert: protocol_version
Causes
The Event Gateway default deployment is to allow only TLS v1.3 application connections. The version of Java being used to run the application does not support this level of the TLS protocol.
Resolving the problem
To resolve the problem, configure the gateway instance to support earlier versions of the TLS protocol.
Kubernetes Deployment gateways
In the Kubernetes Deployment gateways, set tls.versions in the ConfigMap:
apiVersion: v1
kind: ConfigMap
metadata:
name: "<gateway group>-<gateway id>-config"
labels:
app: "testexample"
gatewayGroup: "<gateway group>"
gatewayId: "<gateway id>"
data:
gateway.properties: |
tls.versions="TLSv1.2,TLSv1.3"
Operator-managed gateways
In operator-manager Event Gateways, set the TLS_VERSIONS environment variable in the custom resource.
env:
- name: TLS_VERSIONS
value: 'TLSv1.2,TLSv1.3'
Docker gateways
In Docker Event Gateways, set the TLS_VERSIONS argument in the Docker run command: docker run -e TLS_VERSIONS="TLSv1.2,TLSv1.3"