I am trying to setup a URL monitor for an application that uses self signed certificates.
I am checking the "Accept untrusted certificates".
But upon execution I keep getting the below error. Wondering if anybody had a similar issue or any ideas on what I could try
Appmon version 7.1
Connection failed: DynaTraceHttpClientException: Exception was thrown while executing a HTTP request
Caused by: SSLHandshakeException: Received fatal alert: handshake_failure
SSL handshake failed, this may be caused by a broken, incompatible or self signed certificate. Check the 'Accept untrusted certificates' option to accept self signed certificates.
Solved! Go to Solution.
1 thing I've tried so far is un-disabling a bunch of algorithms and such in the collector java security config file in case there wasn't an algorithm or something like that they could agree on. Still want to try a few things in that area but no luck yet - I doubt it's just because the cert is self signed since we have that check box checked and that has always worked in the past.
Looked at some of the details in wireshark and comparing to how it was working in the browser it looked like the server wanted to use a cipher suite the jre didn't have enabled out of the box.
Some searching lead me to this resolution which I just tested on my local collector and it runs fine now:
The JREs disable all 256-bit crypto by default. To enable you can download Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files here: http://www.oracle.com/technetwork/java/javase/downloads/index.html
Replace the local_policy.jar and US_export_policy.jar jars files into your lib/security in jre directory.