Tracing SSL Handshake

The SSL handshake can be traced in the noapp.log file.
Note: In Sterling B2B Integrator v6.2.0.1 and above, TLS 1.3 is configured as the default communication protocol for SSL RMI, and this configuration cannot be overridden.
  1. Navigate to <Install_Dir>/properties/customer_overrides.properties file.
  2. Add the following property in the properties file:
    security.EnableSSLTrace=all
  3. Capture network packets by running a TCP dump over RMI port for ASI, Adapter Container, and Liberty.
  4. Optional: To verify the SSL handshake, run following command for ASI, Adapter Container, and Liberty:
    $ echo "" | openssl s_client -connect <Host>:<port>
    To obtain the JNDI ports, navigate to <Install_Dir>/properties/sandbox.cfg and search for the property:
    • ASI: LOCAL_JNDI_PORT
    • Adapter Container: node1AC1_JNDIPORT

Steps to Enable SSL Logs

  1. Edit security.properties.in file and set the following property:

    EnableSSLTrace=all

  2. Edit the tmp.sh.in file. Add the following lines to the file:

    JAVA_FLAGS="${JAVA_FLAGS} -Djavax.net.debug=ssl,handshake"

    SERVER_FLAGS="${SERVER_FLAGS} -Djavax.net.debug=ssl,handshake"

  3. Update the install/bin/tmp.sh_asset_ext.in file. Add the flag -Djavax.net.debug=ssl,handshake to SERVER_FLAGS.
  4. Run the following command to apply the changes:

    bin/setupfiles.sh

  5. Use the run.sh/runAll.sh script to start the B2Bi application.
  6. Check the noapp.log files to ensure that SSL debugging is enabled and functioning as expected.