- Mark as New
- Bookmark
- Subscribe
- Permalink
- Email to a Friend
- Report Inappropriate Content
Question or Problem Statement:
Expanding on a prior article concerning Callout troubleshooting, we have a few more recent known issues with callouts producing failed or “unknown” results in the callout history and their accepted solution involving supported encryption levels and SSL certificates
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Email to a Friend
- Report Inappropriate Content
Solution:
1. HAProxy - tune.ssl.default-dh-param should be set to 1024 (default). Higher values will cause callouts to fail on some integrations
2. Apache - certain Apache configurations receive handshake failures with Java-based clients when using a certificate with more than 1024 bits? See link below for solution, in short a change in Apache configuration in mod_ssl is required
3. SSL Certificate - Zuora callouts require a CA signed certificate at the receiver endpoint. We do not support self-signed SSL certificates in our callout process.
4. Standard SSL port 443 only - Zuora callouts must be made on standard SSL port (443). Reconfiguring callout URL to a different port is not supported.
Supporting References:
http://community.zuora.com/t5/Admin-Settings/Troubleshooting-quot-unknown-quot-result-from-callout-r...
http://httpd.apache.org/docs/current/ssl/ssl_faq.html#javadh
- Mark as New
- Bookmark
- Subscribe
- Permalink
- Email to a Friend
- Report Inappropriate Content
Solution:
1. HAProxy - tune.ssl.default-dh-param should be set to 1024 (default). Higher values will cause callouts to fail on some integrations
2. Apache - certain Apache configurations receive handshake failures with Java-based clients when using a certificate with more than 1024 bits? See link below for solution, in short a change in Apache configuration in mod_ssl is required
3. SSL Certificate - Zuora callouts require a CA signed certificate at the receiver endpoint. We do not support self-signed SSL certificates in our callout process.
4. Standard SSL port 443 only - Zuora callouts must be made on standard SSL port (443). Reconfiguring callout URL to a different port is not supported.
Supporting References:
http://community.zuora.com/t5/Admin-Settings/Troubleshooting-quot-unknown-quot-result-from-callout-r...
http://httpd.apache.org/docs/current/ssl/ssl_faq.html#javadh