Apparently, this issue is caused by Java 7 itself only using TLS v1 by default, and you need to explicitly enable v1.2 (JDK 8 uses TLS 1.2 by default <https://blogs.oracle.com/java-platform-group/jdk-8-will-use-tls-12-as-default>). This behavior is noted by PayPal on GitHub <https://github.com/paypal/tls-update>.
This issue is already reported in the public tracker <https://issuetracker.google.com/35900204>, with a mentioned workaround in Stack Overflow <https://stackoverflow.com/questions/35878293/force-tls-1-0-on-appengine-local-development-server-in-java/36119342>, though I have not had the opportunity to test this workaround. For further support on this issue, I encourage you to star Issue 35900204 <https://issuetracker.google.com/35900204> and put your comment there since Google Groups are reserved for general product discussions and are not for reporting issues. PS. I should also note that Java 7 runtime support <https://cloud.google.com/appengine/docs/deprecations/java7> was deprecated on December 13, 2017, and will be shut down entirely on January 16, 2019. So I recommend to migrate from Java 7 to Java 8 Runtime by following this guide <https://cloud.google.com/appengine/docs/standard/java/migrating-to-java8>. On Monday, April 23, 2018 at 5:59:37 PM UTC-4, xybrek wrote: > > My app is getting this error when accessing a HTTPS resource: > > javax.net.ssl.SSLHandshakeException: Could not verify SSL certificate > for URL: https://some.where/ > at > com.google.appengine.api.urlfetch.URLFetchServiceImpl.convertApplicationException(URLFetchServiceImpl.java:175) > at > com.google.appengine.api.urlfetch.URLFetchServiceImpl.fetch(URLFetchServiceImpl.java:45) > at > com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler$Connection.fetchResponse(URLFetchServiceStreamHandler.java:543) > at > com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler$Connection.getInputStream(URLFetchServiceStreamHandler.java:422) > at > com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler$Connection.getResponseCode(URLFetchServiceStreamHandler.java:275) > > What can be done so GAE would not check of SSL since in my current purpose > for the app, it does not care if it connects via HTTP or HTTPS, so in my > case I just want to disable SSL check. > > I am running the application from Windows (Linux does not throw the error > above) > > Already I have modifiied the *dev_appserver.cmd* like this: > > java -Ddeployment.security.TLSv1.1=false > -Ddeployment.security.TLSv1.2=false -cp > "%~dp0\..\lib\appengine-tools-api.jar" ^ > com.google.appengine.tools.KickStart ^ > com.google.appengine.tools.development.DevAppServerMain %* > > Also in the application itself this is set: > > FetchOptions fetchOptions = > FetchOptions.Builder.doNotValidateCertificate(); > HTTPRequest request = new HTTPRequest(getUrl, HTTPMethod.GET, > fetchOptions) > > What could be wrong with Windows that it throws the error whereas in Linux > there is no problem? > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/google-appengine. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/cb285107-3109-4fa2-945f-41458dedd80e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
