Hi,
Since we SSLV3 disabled (because POODLE ) on our application, our tests make gatling handshake_failure How do I disable SSLV3 of gatling please ?
“javax.net.ssl.SSLException: Received fatal alert: handshake_failure”
Regards ,
Sébastien
Hi,
Since we SSLV3 disabled (because POODLE ) on our application, our tests make gatling handshake_failure How do I disable SSLV3 of gatling please ?
“javax.net.ssl.SSLException: Received fatal alert: handshake_failure”
Regards ,
Sébastien
Ah ah ah ah ah.
Not supported ATM.
This would require me to patch AsyncHttpClient, then Gatling.
Merdum,
Merci Stéphane.
Vs avez prévu de le faire ?
What happens exactly? Which protocols does your server still support?
We use standard JSSE provider, that supports SSLv3 and TLSv1. I would expect it to pick TLSv1 if server doesn’t support SSLv3.
There’s a good chance the problem is on your side.
I just tested with a server that has only TLSv1 enabled and Gatling/AsyncHttpClient works properly as expected.
We have this problem only on Websocket server that accept TLSv1+HIGH
Not an OpenSSL expert, but it looks to me that your issue is not with the transport (TLS) but with the cyphers.
+HIGH means keys longer than 128 bits.
If so, you’d have to install JCE as Java comes by default with limited cryptography, as of american laws.
If that doesn’t do the trick, let’s be honest: I can’t provide more help without consulting.
Problem Solved
Shared Information:
TLS 1.1 / 1.2 are not enabled by default in java7.
To enable and disable SSLv3, add in JAVA options:
-Ddeployment.security.SSLv2Hello -Ddeployment.security.SSLv3 = False = false = false -Ddeployment.security.TLSv1 -Ddeployment.security.TLSv1.1 -Ddeployment.security.TLSv1.2 = true = true
In java8, is enabled by default TLS1.2
sorry for bad copy/paste
-Ddeployment.security.SSLv2Hello=false -Ddeployment.security.SSLv3=false -Ddeployment.security.TLSv1=false -Ddeployment.security.TLSv1.1=true -Ddeployment.security.TLSv1.2=true