Handshake issue while connecting to RTO from linux system using RTSDK?
We are trying to connect to RTO from Linux container (Red Hat Enterprise Linux 9.4) using RTSDK-Java. We are getting below error while trying to make consumer connection:
Failed to add RsslChannel(s) to RsslReactor. Channel name(s) Channel_1\n\tInstance Name Consumer_1_1\n\tRsslReactor @68bef3df\n\tRsslChannel null\n\tError Id -1\n\tInternal sysError 0\n\tError Location RestReactor.submitAuthRequestBlocking\n\tError Text failed to submit authorization request, exception = Remote host terminated the handshake
Best Answer
-
Hello @prashantd
About your "We tried both 'nslookup' and 'curl (version 2)' given by you, and we are able to connect from our network without any error." message, did you try it on the same OpenShift container or the local machine?
Can you try the following Java Code on the OpenShift platform to verify that a simple Java HTTP request can make a connection to the RDP API Gateway?
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://api.refinitiv.com:443/auth/oauth2/v2/token"))
.header("Content-Type", "application/x-www-form-urlencoded")
.method("POST", HttpRequest.BodyPublishers.ofString("client_secret=<client_secret>&client_id=<client_id>&grant_type=client_credentials&scope=trapi"))
.build();
HttpResponse<String> response = HttpClient.newHttpClient().send(request, HttpResponse.BodyHandlers.ofString());
System.out.println(response.body());Note: According to the RTSDK Java README file, the SDK isn't qualified on the Docker platform. If you find any problems while running it on the Docker platform, the issues must be replicated on bare metal machines before contacting the support team.
Does the problem occur on physical machine?
0
Answers
-
Hello @prashantd
The error message "RestReactor ... failed to submit authorization request, exception = Remote host terminated the handshake" indicate that the API cannot establish a HTTP connection to the https://api.refinitiv.com:443/auth/oauth2/<version>/token endpoint.
Does your company has any firewall or network policy that blocks a connection to api.refinitiv.com domain?
You can try the following commands to verify a HTTP connection from your container/machine.
nslookup api.refinitiv.com
Or if you are using the Authentication Version 1 (Machine ID: GE-A-XXXXXXXX-X-XXXX)
curl --location --request POST 'https://api.refinitiv.com/auth/oauth2/v1/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Bearer ' \
--data-urlencode "username=<MACHINE_ID>" \
--data-urlencode "password=<PASSWORD>" \
--data-urlencode 'grant_type=password' \
--data-urlencode 'scope=trapi' \
--data-urlencode 'takeExclusiveSignOnControl=true' \
--data-urlencode "client_id=<APP_KEY>"Or if you are using the Authentication Version 2 (CIAM, Service Account, Client ID: GE-XXXXXXXXXXXX)
curl --location --request POST \
'https://api.refinitiv.com:443/auth/oauth2/v2/token' \
--header 'Accept: */*' \
--header 'Authorization: Bearer ' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_secret=<CLIENT_SECRET>' \
--data-urlencode 'client_id=<CLIENT_ID>' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=trapi'Note: The static IP address of api.refinitiv.com are as follows:
- 75.2.0.254
- 99.83.242.11
0 -
Hi wasin.w,
Thanks for the timely response. We tried both 'nslookup' and 'curl (version 2)' given by you and we are able to connect from our network without any error. This handshake issue is happening only on the OpenShift container (Red Hat Enterprise Linux 9.4). Below are the detailed logs from the OpenShift container. I have masked our proxy server details with http://xxx.xx.xx.xxx:xxx so please ignore that:
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.conn.PoolingHttpClientConnectionManager","message":"Connection request: [route: {tls}->http://xxx.xx.xx.xxx:xxx->https://api.refinitiv.com:443][total available: 0; route allocated: 0 of 2; total allocated: 0 of 20]","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.conn.PoolingHttpClientConnectionManager","message":"Connection leased: [id: 0][route: {tls}->http://xxx:xxx:xx:xxx:xxx->https://api.refinitiv.com:443][total available: 0; route allocated: 1 of 2; total allocated: 1 of 20]","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.execchain.MainClientExec","message":"Opening connection {tls}->http://xxx:xxx:xx:xxx:xxx->https://api.refinitiv.com:443","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.conn.DefaultHttpClientConnectionOperator","message":"Connecting to /xxx:xxx:xx:xxx:xxx","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.conn.DefaultHttpClientConnectionOperator","message":"Connection established 10.197.32.178:50296<->xxx:xxx:xx:xxx:xxx","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.headers","message":"http-outgoing-0 >> CONNECT api.refinitiv.com:443 HTTP/1.1","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.headers","message":"http-outgoing-0 >> Host: api.refinitiv.com","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.headers","message":"http-outgoing-0 >> User-Agent: Apache-HttpClient/4.5.14 (Java/17.0.7)","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.wire","message":"http-outgoing-0 >> \"CONNECT api.refinitiv.com:443 HTTP/1.1[\\r][\\n]\"","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.wire","message":"http-outgoing-0 >> \"Host: api.refinitiv.com[\\r][\\n]\"","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.wire","message":"http-outgoing-0 >> \"User-Agent: Apache-HttpClient/4.5.14 (Java/17.0.7)[\\r][\\n]\"","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.wire","message":"http-outgoing-0 >> \"[\\r][\\n]\"","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.wire","message":"http-outgoing-0 << \"HTTP/1.1 200 Connection Established[\\r][\\n]\"","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.wire","message":"http-outgoing-0 << \"Proxy-Agent: XXXXXX/6.2[\\r][\\n]\"","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.wire","message":"http-outgoing-0 << \"[\\r][\\n]\"","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.headers","message":"http-outgoing-0 << HTTP/1.1 200 Connection Established","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.headers","message":"http-outgoing-0 << Proxy-Agent: XXXXXX/6.2","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.execchain.MainClientExec","message":"Tunnel to target created.","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.conn.ssl.SSLConnectionSocketFactory","message":"Enabled protocols: [TLSv1.3, TLSv1.2]","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.conn.ssl.SSLConnectionSocketFactory","message":"Enabled cipher suites:[TLS_AES_256_GCM_SHA384, TLS_AES_128_GCM_SHA256, TLS_CHACHA20_POLY1305_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.conn.ssl.SSLConnectionSocketFactory","message":"Starting handshake","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.conn.DefaultManagedHttpClientConnection","message":"http-outgoing-0: Shutdown connection","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.execchain.MainClientExec","message":"Connection discarded","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.conn.PoolingHttpClientConnectionManager","message":"Connection released: [id: 0][route: {tls}->http://xxx:xxx:xx:xxx:xxx->https://api.refinitiv.com:443][total available: 0; route allocated: 0 of 2; total allocated: 0 of 20]","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.conn.PoolingHttpClientConnectionManager","message":"Connection manager is shutting down","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.conn.PoolingHttpClientConnectionManager","message":"Connection manager shut down","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
@{"thread":"main","level":"ERROR","loggerName":"com.refinitiv.ema.access.OmmConsumerImpl","message":"loggerMsg\n ClientName: ChannelCallbackClient\n Severity: Error\n Text: Failed to add RsslChannel(s) to RsslReactor. Channel name(s) Channel_1\n\tInstance Name Consumer_1_1\n\tRsslReactor @5ab0168\n\tRsslChannel null\n\tError Id -1\n\tInternal sysError 0\n\tError Location RestReactor.submitAuthRequestBlocking\n\tError Text failed to submit authorization request, exception = Remote host terminated the handshake\nloggerMsgEnd\n\n","endOfBatch":false,"loggerFqcn":"org.apache.logging.slf4j.Log4jLogger"}
Can you please check this once from your end and let us know if something needs to be corrected?
0
Categories
- All Categories
- 6 AHS
- 37 Alpha
- 161 App Studio
- 4 Block Chain
- 4 Bot Platform
- 16 Connected Risk APIs
- 47 Data Fusion
- 30 Data Model Discovery
- 608 Datastream
- 1.3K DSS
- 577 Eikon COM
- 4.9K Eikon Data APIs
- 7 Electronic Trading
- Generic FIX
- 7 Local Bank Node API
- Trading API
- 2.7K Elektron
- 1.3K EMA
- 236 ETA
- 519 WebSocket API
- 33 FX Venues
- 10 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 20 Messenger Bot
- 2 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 59 Open Calais
- 264 Open PermID
- 39 Entity Search
- 2 Org ID
- PAM
- PAM - Logging
- 8.4K Private Comments
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 20 RDMS
- 1.4K Refinitiv Data Platform
- 367 Refinitiv Data Platform Libraries
- 3 Refinitiv Due Diligence
- LSEG Due Diligence Portal API
- 3 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.1K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 10 World-Check Customer Risk Screener
- 990 World-Check One
- 44 World-Check One Zero Footprint
- 45 Side by Side Integration API
- Test Space
- 3 Thomson One Smart
- 1.2K TR Internal
- Global Hackathon 2015
- 2 Specialists Who Code
- 10 TR Knowledge Graph
- 150 Transactions
- 142 REDI API
- 1.7K TREP APIs
- 4 CAT
- 21 DACS Station
- 117 Open DACS
- 1.1K RFA
- 103 UPA
- 172 TREP Infrastructure
- 224 TRKD
- 886 TRTH
- 5 Velocity Analytics
- 5 Wealth Management Web Services
- 59 Workspace SDK
- 9 Element Framework
- 5 Grid
- 13 World-Check Data File
- Yield Book Analytics
- 46 中文论坛