Resolve Error “Some selected protocols are invalid…”

Mule 3.8 supports only TLSv1.1 and TLSv1.2 by default due to vulnerability issues with TLSV1. So, by default only v1.1 and v1.2 TLS are enabled both at the Mule Runtime and the Anypoint Studio settings.

This scenario is applicable when you have a https requestor in your flow and configure it to enable the TLSv1, as the endpoint or service it is going to hit supports only TLSv1 and not the version 1.1 and 1.2.

To reproduce the error, I have intentionally added other properties in “TLS/SSL”. But in normal scenarios, you will be adding the properties for it to work.

tls-error
TLS Setting V1. Other properties are intentionally set blank.

Now when I run my application it gives the error saying “some selected protocols are invalid…..”.

Error:

org.mule.api.lifecycle.InitialisationException: Some selected protocols are invalid. Valid protocols according to your TLS configuration file are: TLS
v1.1, TLSv1.2
	at org.mule.transport.ssl.DefaultTlsContextFactory.globalConfigNotHonored(DefaultTlsContextFactory.java:106) ~[mule-transport-ssl-3.8.0.jar:3.8.0]
	at org.mule.transport.ssl.DefaultTlsContextFactory.initialise(DefaultTlsContextFactory.java:80) ~[mule-transport-ssl-3.8.0.jar:3.8.0]
	at org.mule.api.lifecycle.LifecycleUtils.initialiseIfNeeded(LifecycleUtils.java:57) ~[mule-core-3.8.0.jar:3.8.0]
	at org.mule.api.lifecycle.LifecycleUtils.initialiseIfNeeded(LifecycleUtils.java:35) ~[mule-core-3.8.0.jar:3.8.0]
	at org.mule.module.http.internal.request.grizzly.GrizzlyHttpClient.configureTlsContext(GrizzlyHttpClient.java:120) ~[mule-module-http-3.8.0.jar:3.8.0
]
	at org.mule.module.http.internal.request.grizzly.GrizzlyHttpClient.initialise(GrizzlyHttpClient.java:105) ~[mule-module-http-3.8.0.jar:3.8.0]
	at org.mule.module.http.internal.request.DefaultHttpRequesterConfig.initialise(DefaultHttpRequesterConfig.java:124) ~[mule-module-http-3.8.0.jar:3.8.
0]

 

The fix is to go and enable the TLSv1 in your Anypoint Studio settings. You can follow the steps here for enabling/disabling TLS settings for Anypoint Studio. If this occurs in your runtime after deploying the application, then follow the same steps by navigating to the runtime folder and browse the “conf” folder and open “tls-default.conf” and edit the values for enabledProtocols.

“enabledProtocols=TLSv1.1,TLSv1.2”

Leave a Reply

Your email address will not be published. Required fields are marked *