Hitachi Vantara Pentaho Community Forums
Results 1 to 4 of 4

Thread: rest client api - handshake_failure

  1. #1
    Join Date
    Apr 2011
    Posts
    159

    Default rest client api - handshake_failure

    Trying to obtain a token by passing userId/password via the body in a rest call and this is working with Chrome's Advanced REST API. That is, when I put the body parms in a put method against the url I get back the security token (200 OK) when using the Chrome tool.

    However, when I add this same functionality via the REST client, v 5.2.0.0, I am getting:

    2015/11/25 09:52:31 - REST Client.0 - ERROR (version 5.2.0.0, build 1 from 2014-09-30_19-48-28 by buildguy) : Because of an error, this step can't continue:
    2015/11/25 09:52:31 - REST Client.0 - Can not result from [https://10.1.1.118:8443/mgmt/rest/security/login]
    2015/11/25 09:52:31 - REST Client.0 - javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
    2015/11/25 09:52:31 - REST Client.0 - ERROR (version 5.2.0.0, build 1 from 2014-09-30_19-48-28 by buildguy) : org.pentaho.di.core.exception.KettleException:
    2015/11/25 09:52:31 - REST Client.0 - Can not result from [https://10.1.1.118:8443/mgmt/rest/security/login]
    2015/11/25 09:52:31 - REST Client.0 - javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

    The main elements used in the REST CLIENT are:
    • url (i.e. https://10.1.1.118:8443/mgmt/rest/security/login) - (obtained from previous generate rows step)
    • HTTP method = PUT
    • body field = {"userId":"myuser","password":"mypassword"} - (obtained from previous generate rows step)
    • application type = JSON


    Thoughts on what I'm missing?

    One thought I had, one difference, may be the application DOES prompt 'the certificate for this site is invalid' - that is, the cert does not use a CA; so perhaps I 'added it' in Chrome, and need to do something similar with ETL?

  2. #2
    Join Date
    Nov 2014
    Posts
    15

    Default

    Hi loganseth, Any luck with this issue?

  3. #3
    Join Date
    Apr 2011
    Posts
    159

    Default

    I wish! Gave up on it and moved on...

    I haven't tried with a later code set, but maybe that'll work!?

    AGH!

  4. #4
    Join Date
    Jun 2012
    Posts
    5,534

    Default

    Have you ever thought about what happens during that handshake?
    An untrusted certificate should throw a different exception, something like PathBuilderException.
    I would look into the cipher suites accepted by the server, and compare them to those available on the client.
    The server side can easily be tested with curl debug mode.
    The client side should be even easier, with the JVM settings and your own Kettle JVM options.
    So long, and thanks for all the fish.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Privacy Policy | Legal Notices | Safe Harbor Privacy Policy

Copyright © 2005 - 2019 Hitachi Vantara Corporation. All Rights Reserved.