I have an outbound JAX-WS client component to my application. When I run the application locally from my computer it works. When I try running the app in docker it fails with the error in the title of this post.
On my computer the banner in the log file is:
Launching portolano (WebSphere Application Server 16.0.0.3/wlp-1.0.14.cl160320160831-1555) on Java HotSpot(TM) 64-Bit Server VM, version 1.8.0-ea-b121 (en_US)
I am using docker image websphere-liberty:javaee7 and the banner in the log is:
Launching defaultServer (WebSphere Application Server 16.0.0.3/wlp-1.0.14.cl160320160831-1555) on IBM J9 VM, version pxa6480sr3fp20-20161019_02 (SR3 FP20) (en_US)
The problem seems to related to the client handshake.
When I run WebSphere Liberty docker image it uses the IBM JDK and is trying a TLS 1.2 client handshake that is being rejected. Here is the debug when I turn on ssl debugging:
LargeThreadPool-thread-53, WRITE: TLSv1.2 Handshake, length = 201
LargeThreadPool-thread-53, READ: TLSv1 Alert, length = 2
LargeThreadPool-thread-53
, RECV TLSv1.2 ALERT:
fatal,
close_notify
When I run WebSphere Liberty locally on my laptop with the Oracle JDK it tries TLS 1 client handshake that works. Here is the debug when I turn on ssl debugging at the same location in the handshake as above:
Default Executor-thread-23, WRITE: TLSv1 Handshake, length = 183
Default Executor-thread-23, READ: TLSv1 Handshake, length = 65
*** ServerHello, TLSv1
I have no control over the remote server. How can I force the IBM JDK to do the same thing as the Oracle JDK?
