Re: Java/RPG Question

from: Blake Butterworth <BButterworth@xxxxxxxxxxxxxx>
subject: Java/RPG Question

Hello All,

We have an RPG application that uses a Java class to perform HTTPS REST
requests to an external web API. The connectivity between the systems broke
recently (probably due to an update applied on the other side). We?ve
determined the problem is that the process needs to establish a TLS
1.2-level connection since by default the Java environment appears to use
an older, now unsupported version of TLS. We found a way to enable the Java
code to establish a TLS 1.2 connection with the following property:

-Dcom.ibm.jsse2.overrideDefaultTLS=true

When we run a Java test app within QSH from the command line, it causes
the Java code to negotiate a connection using TLS 1.2, which fixes our
problem.

Java -Dcom.ibm.jsse2.overrideDefaultTLS=true <class>

When we put the property into the RPG program using the
QIBM_RPG_JAVA_PROPERTIES environment variable, it fails. The JVM has an
error on startup. We tried using ADDENVVAR and then the command line
invocation without the property, which doesn?t work either. Lastly, we
tried putting the property in a SystemDefault.properties file. It seems the
system sees the property, but the JVM fails on startup.

Has anyone else run into something like this? Is there a better/alternate
way to configure Java to use TLS 1.2? We are currently running Java 8 on
IBM i 7.2. Sorry, this is kind of a cross-over question. I can post it to
the RPG side, if need be.

Thanks,
Blake Butterworth

Application Development Manager

Kansas Turnpike Authority