4

Below is my flow file content. I have generated the .key file with the help of Java keytool. The same flow is working for TLSv1.1 (when the client was using a TLSv1.1 certificate) and not working for TLSv1.2 (client certificate is TLSv1.2).

<https:connector name="paypalConnector" doc:name="HTTP\HTTPS" validateConnections="true" clientSoTimeout="10000" cookieSpec="netscape" receiveBacklog="0" receiveBufferSize="0" sendBufferSize="0" serverSoTimeout="10000" socketSoLinger="0">
    <service-overrides sessionHandler="org.mule.session.NullSessionHandler"/>
    <https:tls-server path="C:/Users/damodaram.setti/Desktop/PayPal/paypal.key" storePassword="paypal" requireClientAuthentication="true" />
</https:connector>

<https:outbound-endpoint exchange-pattern="request-response" method="POST" address="https://tlstest.paypal.com" mimeType="text/xml" connector-ref="paypalConnector" doc:name="2IssuerServ"/>

and I have tried with below options

-Ddeployment.security.SSLv2Hello=false -Ddeployment.security.SSLv3=false -Ddeployment.security.TLSv1=false -Ddeployment.security.TLSv1.1=true -Ddeployment.security.TLSv1.2=true

and

-Dhttps.protocols=TLSv1.2 -Dhttps.cipherSuites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

but no luck so far. Please help me to sort this issue.

      * -XX:PermSize=128M
      * -XX:MaxPermSize=256M
      * -Ddeployment.security.SSLv2Hello=false
      * -Ddeployment.security.SSLv3=false
      * -Ddeployment.security.TLSv1=false
      * -Ddeployment.security.TLSv1.1=true
      * -Ddeployment.security.TLSv1.2=true
      * -Dmule.home=D:\MConnect\MuleStudioWorkspace\.mule
      * -Dlog4j.debug=true
      * -Dosgi.dev=true
      * -Dosgi.instance.area=file:/D:/MConnect/MuleStudioWorkspace
      * -Dfile.encoding=Cp1252
ERROR 2016-07-21 16:45:10,647 [[simpletest].connector.http.mule.default.receiver.02] org.mule.exception.DefaultMessagingExceptionStrategy: 
********************************************************************************
Message               : Failed to route event via endpoint: DefaultOutboundEndpoint{endpointUri=https://tlstest.paypal.com, connector=HttpsConnector
{
  name=paypalConnector
  lifecycle=start
  this=527fe4
  numberOfConcurrentTransactedReceivers=4
  createMultipleTransactedReceivers=true
  connected=true
  supportedProtocols=[https]
  serviceOverrides=<none>
}
,  name='endpoint.https.tlstest.paypal.com', mep=REQUEST_RESPONSE, properties={http.method=POST}, transactionConfig=Transaction{factory=null, action=INDIFFERENT, timeout=0}, deleteUnacceptedMessages=false, initialState=started, responseTimeout=10000, endpointEncoding=UTF-8, disableTransportTransformer=false}. Message payload is of type: PostMethod
Code                  : MULE_ERROR--2
--------------------------------------------------------------------------------
Exception stack is:
1. Connection refused: connect (java.net.ConnectException)
  java.net.DualStackPlainSocketImpl:-2 (null)
2. Failed to route event via endpoint: DefaultOutboundEndpoint{endpointUri=https://tlstest.paypal.com, connector=HttpsConnector
{
  name=paypalConnector
  lifecycle=start
  this=527fe4
  numberOfConcurrentTransactedReceivers=4
  createMultipleTransactedReceivers=true
  connected=true
  supportedProtocols=[https]
  serviceOverrides=<none>
}
,  name='endpoint.https.tlstest.paypal.com', mep=REQUEST_RESPONSE, properties={http.method=POST}, transactionConfig=Transaction{factory=null, action=INDIFFERENT, timeout=0}, deleteUnacceptedMessages=false, initialState=started, responseTimeout=10000, endpointEncoding=UTF-8, disableTransportTransformer=false}. Message payload is of type: PostMethod (org.mule.api.transport.DispatchException)
  org.mule.transport.http.HttpClientMessageDispatcher:155 (http://www.mulesoft.org/docs/site/current3/apidocs/org/mule/api/transport/DispatchException.html)
--------------------------------------------------------------------------------
Root Exception stack trace:
java.net.ConnectException: Connection refused: connect
    at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method)
    at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85)
    at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339)
    + 3 more (set debug level logging or '-Dmule.verbose.exceptions=true' for everything)
damodaram

2 Answers

4

To use TLSv1.2 you must specify it in the https connector.

<spring:property name="sslType" value="TLSv1.2" />

or

<https:connector name="paypalConnector" doc:name="HTTP\HTTPS" validateConnections="true" clientSoTimeout="10000" cookieSpec="netscape" receiveBacklog="0" receiveBufferSize="0" sendBufferSize="0" serverSoTimeout="10000" socketSoLinger="0">
     <spring:property name="sslType" value="TLSv1.2" />
     <service-overrides sessionHandler="org.mule.session.NullSessionHandler"/>
     <https:tls-server path="C:/Users/damodaram.setti/Desktop/PayPal/paypal.key" storePassword="paypal" requireClientAuthentication="true" />
</https:connector>

Hope that this answers your question.

Alex Fernandez
  • Hi Alex, thanks for replying. With the above solution also I am getting java.net.ConnectException: Connection refused: connect Failed to route event via endpoint: DefaultOutboundEndpoint{endpointUri=https://tlstest.paypal.com, connector=HttpsConnector – damodaram Jul 21 '16 at 06:51
  • Can you suggest any other alternate please – damodaram Jul 21 '16 at 07:15
  • I integrated PayPal before; can you give me the stack trace? – Alex Fernandez Jul 21 '16 at 10:53
  • Also, we are using these properties, and we have not added https:tls-server in the configuration, just a plain https connector with sslType paypal.http.host=api-3t.sandbox.paypal.com paypal.http.port=443 – Alex Fernandez Jul 21 '16 at 10:56
  • I have tried plain also, as you said, but no luck. Can you please share the https connector which you are using? – damodaram Jul 21 '16 at 11:16
  • how about sending your whole project – Alex Fernandez Jul 21 '16 at 11:20
  • I have placed code here https://www.dropbox.com/s/o6qg20v0x9bcx0t/Proj.zip?dl=0 which has certificate also which is generated using keytool. – damodaram Jul 21 '16 at 11:31
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/117920/discussion-between-alex-fernandez-and-damodaram). – Alex Fernandez Jul 21 '16 at 12:21
0

Please use the syntax below to send an HTTP request over HTTP\HTTPS and enable TLS versions. In this case I have used the HTTPS protocol and am sending the request over TLSv1.

<http:request-config doc:name="HTTP Request Configuration" name="HTTPS_Request_Configuration" protocol="HTTPS" connectionIdleTimeout="300000">
    <tls:context enabledProtocols="TLSv1">
        <tls:trust-store type="jks" password="${truststore.pwd}" path="${truststore.path}"/>
        <tls:key-store type="jks" password="${keystore.pass}" path="${keystore.path}" keyPassword="${keystore.keypass}" alias="${keystore.alias}"/>
    </tls:context>
</http:request-config>
neophyte
  • 6,540
  • 2
  • 28
  • 43
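
Added example, not code from the question or either answer: the trace in the question ends in `java.net.ConnectException`, which the JVM raises at the TCP connect step, so this stand-alone probe performs the TCP connect and the TLSv1.2 handshake as separate steps and reports which one fails. The class name `TlsProbe`, port 443, the default trust store and the absence of a client certificate are assumptions; the 10000 ms timeout mirrors `clientSoTimeout` in the connector.

```java
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;

// Hypothetical diagnostic class (not part of Mule): reports whether a failure
// happens at the TCP layer or during the TLS handshake.
public class TlsProbe {

    static String probe(String host, int port, String protocol, int timeoutMs) {
        try (Socket tcp = new Socket()) {
            try {
                // Step 1: plain TCP connect. "Connection refused" surfaces here,
                // before any TLS version, cipher suite or certificate is involved.
                tcp.connect(new InetSocketAddress(host, port), timeoutMs);
            } catch (IOException e) {
                return "TCP_FAILED: " + e;
            }
            // Step 2: layer TLS over the open socket and allow exactly one version.
            SSLContext ctx = SSLContext.getInstance(protocol);
            ctx.init(null, null, null); // assumption: default trust store, no client cert
            SSLSocket tls = (SSLSocket) ctx.getSocketFactory()
                    .createSocket(tcp, host, port, true);
            tls.setEnabledProtocols(new String[] { protocol });
            tls.setSoTimeout(timeoutMs);
            tls.startHandshake();
            return "TLS_OK: " + tls.getSession().getProtocol()
                    + " / " + tls.getSession().getCipherSuite();
        } catch (SSLException e) {
            // Version, cipher or certificate problems end up here.
            return "TLS_FAILED: " + e;
        } catch (Exception e) {
            // Unsupported protocol name, key management errors, read timeouts.
            return "ERROR: " + e;
        }
    }

    public static void main(String[] args) {
        // Host taken from the question; override with: java TlsProbe <host> <port>
        String host = args.length > 0 ? args[0] : "tlstest.paypal.com";
        int port = args.length > 1 ? Integer.parseInt(args[1]) : 443;
        System.out.println(probe(host, port, "TLSv1.2", 10000));
    }
}
```

Run it from the same machine and network as the Mule runtime. `TCP_FAILED` means the connection never reached the point where `sslType` or `enabledProtocols` could matter; `TLS_FAILED` means the endpoint was reached and the protocol or certificate setup is the next thing to check.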