handshake_failure when running DB services after installing WebLogic January 2026 patch Follow
Problem: After updating WebLogic with the January 2026 Critical Patch Update (CPU), DB services that use a TCPS connection fail to run with the following error:
Failed to initialize pool: IO Error: IO Error Received fatal alert: handshake_failure, Authentication lapse 0 ms. java.sql.SQLException: Failed to initialize pool: IO Error: IO Error Received fatal alert: handshake_failure, Authentication lapse 0 ms. at com.auraplayer.service.connection.pools.DbConnectionPoolsManager.getConnection(DbConnectionPoolsManager.java:49) at com.auraplayer.service.executor.DbExecutorBase.tryConnectToDb(DbExecutorBase.java:242) at com.auraplayer.service.executor.DbExecutorBase.connectToDb(DbExecutorBase.java:262) at com.auraplayer.service.executor.DbExecutorBase._preExecute(DbExecutorBase.java:337) at com.auraplayer.service.executor.DbExecutor._preExecute(DbExecutor.java:59) at com.auraplayer.service.executor.AbstractExecutor.preExecute(AbstractExecutor.java:254) at com.auraplayer.service.executor.AbstractExecutor.execute(AbstractExecutor.java:283) at com.auraplayer.rest.resource.service.executor.ServiceExecutionCommon.execute(ServiceExecutionCommon.java:410) at com.auraplayer.rest.resource.service.executor.ServiceExecutionCommon.execute(ServiceExecutionCommon.java:479) at com.auraplayer.rest.resource.service.executor.ServiceExecutionResource.execute(ServiceExecutionResource.java:194) at com.auraplayer.rest.resource.service.executor.ServiceExecutionResource.postForm(ServiceExecutionResource.java:90)
Observation: The January 2026 Critical Patch Update includes fixes for Oracle WebLogic Server and Oracle Java SE that tighten TLS configurations and remove or disable weaker protocols/ciphers by default.
Solution:
Edit sqlnet.ora:
- Add the 2 new ciphers below to SSL_CIPHER_SUITES (in addition to the existing values).
- Add/set the SQLNET.IGNORE_ANO_ENCRYPTION_FOR_TCPS property.
SSL_CIPHER_SUITES = (TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256)
SQLNET.IGNORE_ANO_ENCRYPTION_FOR_TCPS = TRUE
Comments
0 comments
Please sign in to leave a comment.