Webhook configuration failure in VCF Operations for Logs due to TLS Handshake Error: handshake_failure(40)

Article ID: 437600


Products

VCF Operations

Issue/Introduction

While configuring an Atlassian webhook in VCF Operations for Logs, the test notification fails with the following error:
Failed to send notification - Received fatal alert: handshake_failure(40)


Log snippet from /storage/core/loginsight/var/runtime.log:
["application-akka.actor.default-dispatcher-9"/<LI_IP_ADDRESS> ERROR] [com.vmware.loginsight.notifications.WebhookNotificationProvider] [Error connecting to URL <target URL>] org.bouncycastle.tls.TlsFatalAlertReceived: handshake_failure({40})

Environment

  • VCF Operations for Logs 9.0.x

Cause

Analysis of the TCP packet capture revealed that the TLS Client Hello message sent by VCF Operations for Logs was missing the Server Name Indication (SNI) extension. Many modern servers (including Atlassian) require SNI during the TLS handshake to correctly identify the target virtual host. Without SNI, the server cannot complete the handshake and terminates the connection, resulting in the handshake_failure(40) error. This behavior was traced to the SSL socket implementation in the bundled library, where SNI was not being included by default.

Resolution

This behavior is known to us and currently requires a workaround. The workaround requires a custom JAR file to be placed in the appropriate directories in VCF Operations for Logs. To obtain the custom JAR file, please open a Support Request with Broadcom Technical Support and cite this Article ID (437600) in the problem description. For more information, see Creating and managing Broadcom support cases.

Additional Information