Java Authenication Class and TLS 1.2

We have been using Okta as our main Authentication resource for Hyperion Financial Management for the last 3-4 years without a hitch. We wrote a Java class that performs the API call to Okta to authenticate users over many domains. As a bonus, we do not have to manage external user passwords anymore.

Over the last few months we had been prepping for the switch to TLS 1.2 at Okta. Our update happened today, around 11 am. I know that it was around 11 am because no user could log in after that time.

It’s becoming clear that we need to force our Java logic to utilize TLS. We have other developers that have .NET applications that utilize Okta and they had the same issue until they were able to force the API calls to use TLS 1.2. If I could use a .NET program I would, but Oracle requires Java in which I am less fluent.

The class uses an HttpClient to work with Okta, can anyone help this Java newbie find a way to get our app working again? We NEED to have the program working on Monday.

Thanks!

Hey @melcock!

Which version of Java are you using? Java 8+ should support TLS 1.2 by default. If you are not on 1.8, I’d strongly suggest trying that first. Other than that what exception are you seeing?

Java is not installed on the system previously, Oracle’s software utilizes a .jar file to run the process.

I did install Java 8 on the servers this morning as a test and it didn’t fix the issue.

Can you include the output of java -version here?

Here’s the output:

C:\Users\marmadmin>java -version

java version “1.8.0_181”

Java™ SE Runtime Environment (build 1.8.0_181-b13)

Java HotSpot™ Client VM (build 25.181-b13, mixed mode)

This is with the new install, and I don’t know if the .jar references that at all.

What exception are you seeing?

We are not seeing an exception, this is a self-contained class.

I have run Postman on both the server in question and my local machine. The identical API call works on my local machine but when I run it from the web I get this:

Could not get any response

There was an error connecting to https://localsite.okta.com/api/v1/sessions?additionalFields=cookieToken.

@melcock
Your best bet might be to contact support: https://support.okta.com/help/s/
They can help you walk through debugging your environment.

There is a ticket underway, I am awaiting feedback.