You need to sign in to do that
Don't have an account?
Bhushan burujwale
Login over insecure channel
We have an integration with SOAP API and are using partner.wsdl.
As salesforce is supporting TLS version 1.1 and higher we have made the required code changes
which is setting the TLS version as "TLSv1.2".
We have observed in the login history that some time it uses TLS version 1.0 and status is
"Failed: Login over insecure channel".
Example Login History:
bhus.NTYTU@36demo.com 2/17/2017 16:07 115.248.170.162 Other Apex API Failed: Login over insecure channel Axis 1.4 Unknown N/A N/A SOAP Partner 33 login.salesforce.com TLS 1.0 AES128-SHA IN India 424001 20.9 74.7833
We have set a JVM parameter as Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2 and using axis 1.4 as 3rd party, what could be the reason that it is selecting TLS version 1.0.
As salesforce is supporting TLS version 1.1 and higher we have made the required code changes
which is setting the TLS version as "TLSv1.2".
We have observed in the login history that some time it uses TLS version 1.0 and status is
"Failed: Login over insecure channel".
Example Login History:
bhus.NTYTU@36demo.com 2/17/2017 16:07 115.248.170.162 Other Apex API Failed: Login over insecure channel Axis 1.4 Unknown N/A N/A SOAP Partner 33 login.salesforce.com TLS 1.0 AES128-SHA IN India 424001 20.9 74.7833
We have set a JVM parameter as Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2 and using axis 1.4 as 3rd party, what could be the reason that it is selecting TLS version 1.0.
You may try https.protocols=TLSv1.1,TLSv1.2
We cannot remove "TLSV1" as it's required by other application on JBoss.
We have below code that actually sets SSLContext to TLSv1.2 but why does it use TLSV1
try{
SSLContext context = SSLContext.getInstance("TLSv1.2");
context.init(null, // KeyManager not interesting here
new TrustManager[] { new AllowAllTrustManager()},
new java.security.SecureRandom());
SSLContext.setDefault(context);
}catch (Exception e) {
if(log.isErrorEnabled()){
log.error("Error occured while setting SSL Protocol " ,e);
}
throw new ConnectorException(e);
}
Regards,
Imran
Hence it updates the TLSv2 with TLSv1.
So we tried by setting the SSLContext in the (Apache TOMCAT) container to TLSv1, but still, the context was set to TLSv1.2 and
the login History of salesforce was displaying TLSv1.2.
The jdk used in 1.7 and we cannot upgrade to jdk 1.8.
Please check the code snippet:
try{
SSLContext context = SSLContext.getInstance("TLSv1.2");
context.init(null, // KeyManager not interesting here
new TrustManager[] { new AllowAllTrustManager()},
new java.security.SecureRandom());
SSLContext.setDefault(context);
}catch (Exception e) {
if(log.isErrorEnabled()){
log.error("Error occured while setting SSL Protocol " ,e);
}
throw new ConnectorException(e);
}
Regards,
Imran