API integration was working, now it's not

  • 1
  • Problem
  • Updated 8 months ago
Archived and Closed

This conversation is no longer open for comments or replies and is no longer visible to community members. The community moderator provided the following reason for archiving: EOL CLEANUP

We had completed an API integration with myEmma this time last year by completing a coldfusion wrapper. We just had someone point out that our integration seems to have broken about a month or two ago. While debugging it, we are getting connection errors on simple get member details requests.

We have verified that authentication is all still in tact (authenticated requests through the browser return the appropriate json arrays), however in code we are getting "I/O Exception: Received fatal alert: handshake_failure"

url: https://api.e2ma.net/{my account]/members/email/{email to lookup}
response dump:


What am I missing?
Photo of Kelly Cromwell

Kelly Cromwell

  • 3 Posts
  • 3 Reply Likes

Posted 1 year ago

  • 1
Photo of Kyle Gregory | Lipscomb University

Kyle Gregory | Lipscomb University, Champion

  • 99 Posts
  • 69 Reply Likes
Hey Kelly,

Are you using a TLS 1.1 or higher connection with the Emma API?  The timeframe aligns up with a sunset of Emma accepting TLS 1.0 connections on the API.

Thanks,
Kyle
Photo of Kelly Cromwell

Kelly Cromwell

  • 3 Posts
  • 3 Reply Likes
This absolutely sounds plausible. Thanks Kyle! I'm going to look into disabling TLS 1.0 and see if that resolves it!
Photo of Ross Cochran

Ross Cochran, Official Rep

  • 134 Posts
  • 10 Reply Likes
Hi Kelly,

Based on the error you are seeing, and timeline you are reporting, I think Kyle is correct here. In August we retired TLS 1.0. Could you check to see if you are using that still? If so, upgrading to 1.1 or 1.2(which is the recommended version) should get you fixed right up. I also wanted to include a link over to our community post regarding the sunsetting of TLS 1.0. You can find that here:

https://community.myemma.com/emma/topics/emma-api-no-longer-supporting-tls-1-0-as-of-august-1st-2017

Let us know if you need any other help.

Cheers!
Photo of Ross Cochran

Ross Cochran, Official Rep

  • 134 Posts
  • 10 Reply Likes
Hi Kelly,

I just wanted to touch base to see if you were able to get back up and running with the API. If you still need additional help, let us know!

Cheers!
Photo of Kelly Cromwell

Kelly Cromwell

  • 3 Posts
  • 3 Reply Likes
I appreciate the follow-up. Unfortunately the retiring of TLS 1.0 has caused me much more grief than I expected.  My application that has utilizes the api integration is built on Coldfusion 10, which uses the 1.7 JRE. Apparently in order to utilize TLS 1.1 or higher I need to update the JRE to 1.8, which actually kills my entire CF 10 server.   I may need to look at building some kind of pass through service on a different platform to re-enable my application integration :(.
Photo of Joe Klovance

Joe Klovance

  • 5 Posts
  • 0 Reply Likes
I have come up with a solution for older versions of Coldfusion.
Don't laugh, I am using Coldfusion 6.1. The software is old and complex and upgrading is not worth it. It works on the principle that curl uses the servers TLS install and not the JRE's TLS. There is more control through curl of what version of TLS is used. I write out a curl script to a temp file and then run it. I then parse the response as normal.
Hope this helps.
Photo of Niki Patel

Niki Patel

  • 5 Posts
  • 0 Reply Likes
Hello Joe,

I am using JAVA 6 in my tomcat and our server is up in different Apache with TLS 1.2 Still my API integration doesn't work (Handshake error). Hope you can help me here with this error.