Handshake issue while connecting to RTO from linux system using RTSDK?
We are trying to connect to RTO from Linux container (Red Hat Enterprise Linux 9.4) using RTSDK-Java. We are getting below error while trying to make consumer connection:
Failed to add RsslChannel(s) to RsslReactor. Channel name(s) Channel_1\n\tInstance Name Consumer_1_1\n\tRsslReactor @68bef3df\n\tRsslChannel null\n\tError Id -1\n\tInternal sysError 0\n\tError Location RestReactor.submitAuthRequestBlocking\n\tError Text failed to submit authorization request, exception = Remote host terminated the handshake
Best Answer
-
Hello @prashantd
About your "We tried both 'nslookup' and 'curl (version 2)' given by you, and we are able to connect from our network without any error." message, did you try it on the same OpenShift container or the local machine?
Can you try the following Java Code on the OpenShift platform to verify that a simple Java HTTP request can make a connection to the RDP API Gateway?
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://api.refinitiv.com:443/auth/oauth2/v2/token"))
.header("Content-Type", "application/x-www-form-urlencoded")
.method("POST", HttpRequest.BodyPublishers.ofString("client_secret=<client_secret>&client_id=<client_id>&grant_type=client_credentials&scope=trapi"))
.build();
HttpResponse<String> response = HttpClient.newHttpClient().send(request, HttpResponse.BodyHandlers.ofString());
System.out.println(response.body());Note: According to the RTSDK Java README file, the SDK isn't qualified on the Docker platform. If you find any problems while running it on the Docker platform, the issues must be replicated on bare metal machines before contacting the support team.
Does the problem occur on physical machine?
0
Answers
-
Hello @prashantd
The error message "RestReactor ... failed to submit authorization request, exception = Remote host terminated the handshake" indicate that the API cannot establish a HTTP connection to the https://api.refinitiv.com:443/auth/oauth2/<version>/token endpoint.
Does your company has any firewall or network policy that blocks a connection to api.refinitiv.com domain?
You can try the following commands to verify a HTTP connection from your container/machine.
nslookup api.refinitiv.com
Or if you are using the Authentication Version 1 (Machine ID: GE-A-XXXXXXXX-X-XXXX)
curl --location --request POST 'https://api.refinitiv.com/auth/oauth2/v1/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Bearer ' \
--data-urlencode "username=<MACHINE_ID>" \
--data-urlencode "password=<PASSWORD>" \
--data-urlencode 'grant_type=password' \
--data-urlencode 'scope=trapi' \
--data-urlencode 'takeExclusiveSignOnControl=true' \
--data-urlencode "client_id=<APP_KEY>"Or if you are using the Authentication Version 2 (CIAM, Service Account, Client ID: GE-XXXXXXXXXXXX)
curl --location --request POST \
'https://api.refinitiv.com:443/auth/oauth2/v2/token' \
--header 'Accept: */*' \
--header 'Authorization: Bearer ' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_secret=<CLIENT_SECRET>' \
--data-urlencode 'client_id=<CLIENT_ID>' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=trapi'Note: The static IP address of api.refinitiv.com are as follows:
- 75.2.0.254
- 99.83.242.11
0 -
Hi wasin.w,
Thanks for the timely response. We tried both 'nslookup' and 'curl (version 2)' given by you and we are able to connect from our network without any error. This handshake issue is happening only on the OpenShift container (Red Hat Enterprise Linux 9.4). Below are the detailed logs from the OpenShift container. I have masked our proxy server details with http://xxx.xx.xx.xxx:xxx so please ignore that:
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.conn.PoolingHttpClientConnectionManager","message":"Connection request: [route: {tls}->http://xxx.xx.xx.xxx:xxx->https://api.refinitiv.com:443][total available: 0; route allocated: 0 of 2; total allocated: 0 of 20]","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.conn.PoolingHttpClientConnectionManager","message":"Connection leased: [id: 0][route: {tls}->http://xxx:xxx:xx:xxx:xxx->https://api.refinitiv.com:443][total available: 0; route allocated: 1 of 2; total allocated: 1 of 20]","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.execchain.MainClientExec","message":"Opening connection {tls}->http://xxx:xxx:xx:xxx:xxx->https://api.refinitiv.com:443","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.conn.DefaultHttpClientConnectionOperator","message":"Connecting to /xxx:xxx:xx:xxx:xxx","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.conn.DefaultHttpClientConnectionOperator","message":"Connection established 10.197.32.178:50296<->xxx:xxx:xx:xxx:xxx","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.headers","message":"http-outgoing-0 >> CONNECT api.refinitiv.com:443 HTTP/1.1","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.headers","message":"http-outgoing-0 >> Host: api.refinitiv.com","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.headers","message":"http-outgoing-0 >> User-Agent: Apache-HttpClient/4.5.14 (Java/17.0.7)","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.wire","message":"http-outgoing-0 >> \"CONNECT api.refinitiv.com:443 HTTP/1.1[\\r][\\n]\"","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.wire","message":"http-outgoing-0 >> \"Host: api.refinitiv.com[\\r][\\n]\"","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.wire","message":"http-outgoing-0 >> \"User-Agent: Apache-HttpClient/4.5.14 (Java/17.0.7)[\\r][\\n]\"","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.wire","message":"http-outgoing-0 >> \"[\\r][\\n]\"","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.wire","message":"http-outgoing-0 << \"HTTP/1.1 200 Connection Established[\\r][\\n]\"","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.wire","message":"http-outgoing-0 << \"Proxy-Agent: XXXXXX/6.2[\\r][\\n]\"","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.wire","message":"http-outgoing-0 << \"[\\r][\\n]\"","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.headers","message":"http-outgoing-0 << HTTP/1.1 200 Connection Established","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.headers","message":"http-outgoing-0 << Proxy-Agent: XXXXXX/6.2","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.execchain.MainClientExec","message":"Tunnel to target created.","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.conn.ssl.SSLConnectionSocketFactory","message":"Enabled protocols: [TLSv1.3, TLSv1.2]","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.conn.ssl.SSLConnectionSocketFactory","message":"Enabled cipher suites:[TLS_AES_256_GCM_SHA384, TLS_AES_128_GCM_SHA256, TLS_CHACHA20_POLY1305_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.conn.ssl.SSLConnectionSocketFactory","message":"Starting handshake","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.conn.DefaultManagedHttpClientConnection","message":"http-outgoing-0: Shutdown connection","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.execchain.MainClientExec","message":"Connection discarded","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.conn.PoolingHttpClientConnectionManager","message":"Connection released: [id: 0][route: {tls}->http://xxx:xxx:xx:xxx:xxx->https://api.refinitiv.com:443][total available: 0; route allocated: 0 of 2; total allocated: 0 of 20]","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.conn.PoolingHttpClientConnectionManager","message":"Connection manager is shutting down","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
{"thread":"main","level":"DEBUG","loggerName":"org.apache.http.impl.conn.PoolingHttpClientConnectionManager","message":"Connection manager shut down","endOfBatch":false,"loggerFqcn":"org.apache.commons.logging.LogAdapter$Log4jLog"}
@{"thread":"main","level":"ERROR","loggerName":"com.refinitiv.ema.access.OmmConsumerImpl","message":"loggerMsg\n ClientName: ChannelCallbackClient\n Severity: Error\n Text: Failed to add RsslChannel(s) to RsslReactor. Channel name(s) Channel_1\n\tInstance Name Consumer_1_1\n\tRsslReactor @5ab0168\n\tRsslChannel null\n\tError Id -1\n\tInternal sysError 0\n\tError Location RestReactor.submitAuthRequestBlocking\n\tError Text failed to submit authorization request, exception = Remote host terminated the handshake\nloggerMsgEnd\n\n","endOfBatch":false,"loggerFqcn":"org.apache.logging.slf4j.Log4jLogger"}
Can you please check this once from your end and let us know if something needs to be corrected?
0
Categories
- All Categories
- 3 Polls
- 6 AHS
- 36 Alpha
- 166 App Studio
- 6 Block Chain
- 4 Bot Platform
- 18 Connected Risk APIs
- 47 Data Fusion
- 34 Data Model Discovery
- 688 Datastream
- 1.4K DSS
- 625 Eikon COM
- 5.2K Eikon Data APIs
- 11 Electronic Trading
- 1 Generic FIX
- 7 Local Bank Node API
- 3 Trading API
- 2.9K Elektron
- 1.4K EMA
- 255 ETA
- 558 WebSocket API
- 39 FX Venues
- 15 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 23 Messenger Bot
- 3 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 60 Open Calais
- 277 Open PermID
- 44 Entity Search
- 2 Org ID
- 1 PAM
- PAM - Logging
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 23 RDMS
- 1.9K Refinitiv Data Platform
- 695 Refinitiv Data Platform Libraries
- 4 LSEG Due Diligence
- LSEG Due Diligence Portal API
- 4 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.2K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 12 World-Check Customer Risk Screener
- 1K World-Check One
- 46 World-Check One Zero Footprint
- 45 Side by Side Integration API
- 2 Test Space
- 3 Thomson One Smart
- 10 TR Knowledge Graph
- 151 Transactions
- 143 REDI API
- 1.8K TREP APIs
- 4 CAT
- 27 DACS Station
- 121 Open DACS
- 1.1K RFA
- 106 UPA
- 194 TREP Infrastructure
- 229 TRKD
- 918 TRTH
- 5 Velocity Analytics
- 9 Wealth Management Web Services
- 92 Workspace SDK
- 11 Element Framework
- 5 Grid
- 18 World-Check Data File
- 1 Yield Book Analytics
- 48 中文论坛
