[WSO2 ESB] Requests Missing without any Clue !!!
Recently when working with ESB, I came across an issue, in which the requests which were sent to ESB were missing without any clue. The only warn log was the following
WARN {org.apache.synapse.transport.passthru.SourceHandler} - Connection time out after request is read: http-incoming-5 {org.apache.synapse.transport.passthru.SourceHandler}The source handler timeout has happen due to many reasons which includes slow back end response also. Enabling the wire logs in ESB also didn’t give any clue as there were no any error logs. Incoming request logs were there but thereafter only this warn message was obtained.
When analyzing, I found out that this cause for this might be due the requests missing in the transport Layers.
When sending HTTPS requests we have Hand Shake process. In which both client and server decide on TLS version for the transaction. The client first starts with its maximum supported TLS version and if it is not supported by the server then both negotiate on maximum supported TLS version common to both. If there is no any common supported versions, the requests may fail. This has happened in the above mentioned issue.
In JDK 1.7_ default TLS version is TLSv1.0 although it supports TLSv1.2. So if you are using ESB with JDK 1.7_ the maximum supported version will be TLSv1.0 by default. Hence if your back end/server doesn’t support it, the requests may fail. Currently, most of the servers are upgrading their TLS supported version due to security issues. So you may encounter this all of a sudden form nowhere. To check the TLS handshake versions you can enable SSL debug logs by starting the ESB with -Djavax.net.debug=ssl.
How can we resolve this ?
We can set the maximum supported TLS version in ESB by adding the “SSLProtocol” parameter to the “org.apache.synapse.transport.passthru.PassThroughHttpSSLSender” class in the axis2.xml found in <ESB_HOME>/repository/conf/axis2/axis2.xml as follows
<parameter name="SSLProtocol">TLSv1.2</parameter>Hope this solution may help whenever a similar issue is encountered.