When trying to access an external HTTPS site with an application that uses the IBM JDK, such as WebSphere Liberty, the following message may appear depending on the site.
R javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
R at com.ibm.jsse2.av.a(av.java:599)
R at com.ibm.jsse2.av.i(av.java:869)
R at com.ibm.jsse2.av.a(av.java:19)
R at com.ibm.jsse2.av.startHandshake(av.java:672)
R at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396)
R at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)
R at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:14
On the other hand, the Oracle JDK may work.
The IBM JDK negotiates communication with TLSv1.0 by default. On the other hand, if the other party is set to only allow TLSv1.2 (mostly these days), negotiation will fail and the above error message will occur.
Set the following three system properties. Then it will be negotiated with TLSv1.2. This option has been confirmed with JDK 1.8.
jvm.options etc.
-Dcom.ibm.jsse2.overrideDefaultTLS=true
-Djdk.tls.client.protocols=TLSv1.2
-Dhttps.protocols=TLSv1.2