Question

PRPC 7.1.6 Connect Rest Issue - No way to select type of secure protocol type (SSL/TLS)

We are currently using 7.1.6 version of Pega and trying to consume a rest service. In the Connect rest rule there is no place to select Secure protocol Type and we are trying to customize the pyInvokeRESTConnector activity.

Is there any other way or similar case anyone faced?

**Moderation Team has archived post**

This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.

Comments

Keep up to date on this post and subscribe to comments

April 2, 2018 - 9:47am

Hi,

Could you please elaborate what kind of SSL authentication you are trying to use for the rest service ,I think we can implement  without customizing the activity pyInvokerestconnector. Thanks

April 27, 2018 - 7:11am

Hi , 

We were trying to consume a service using Connect-Rest. The service side is pointed to Secure protocol version ( TLSv 1.2). As we were there on Pega 7.1.6, we got confirmation from SR team that 7.1.6 only supports until TLS V1.1 and we need to upgrade. 

Thanks, 

Sirisha

Pega
May 1, 2018 - 12:39pm
Response to SiriRamacharlu

Newer versions of the Pega 7  platform (newer than 7.1.6) have proper support for TLS version 1.2, and also an improved way to control what versions of TLS are used for each connection. Upgrading will surely give you a better experience.

May 2, 2018 - 2:10am
Response to HOULJ

Yes , Pega 7.1.6 does not support TLS v1.2 according to their support team.

We were left with no choice but to Upgrade :)

May 1, 2018 - 4:23pm

Hi Sirisha,

In the pyRESTConnector activity, step 4 will have the code to set the required parameters for the REST invocation. In one of the variables the value was set to SSL, this needs to be changed to TLSV1.2. Please find the code below.

i

  1. if (serviceURL.toLowerCase().startsWith("https"))
  2. {
  3. // HFix-9721 START
  4. String truststoreName = stepPage.getString("pyTruststoreName");
  5. String keystoreName = stepPage.getString("pyKeystoreName");
  6. // default to SSL for now
  7. String protocol = "SSL";

In the above code, instead of SSL try setting the value. 

                String protocol = "TLSV1.2";

Regards,
VK

May 2, 2018 - 2:20am
Response to VKDURBHA

Hi,

We tried doing this too, but in 7.1.6 code of pyInvokeRestConnector activity , there is no code like this :

String truststoreName = stepPage.getString("pyTruststoreName");

String keystoreName = stepPage.getString("pyKeystoreName");

String protocol = "SSL";

We tried to customize the entire activity too , but could not achieve.

For 7.1.6, TLS v1.2 isn't supported by Pega (Confirmed by Pega )

May 2, 2018 - 7:39am

Hi Sirisha,

We are using 6.3 sp1. Pega has provided a hotfix (Hfix-9721), kindly check with support team if this works for you.

Thanks, 

VK