HANDSHAKE_FAILURE: Couldn't kickstart handshakingIssue <!-- /*NS Branding Styles*/ --> .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: #000000; } span { font-size: 12pt; font-family: Lato; color: #000000; } h2 { font-size: 24pt; font-family: Lato; color: black; } h3 { font-size: 18pt; font-family: Lato; color: black; } h4 { font-size: 14pt; font-family: Lato; color: black; } a { font-size: 12pt; font-family: Lato; color: #00718F; } a:hover { font-size: 12pt; color: #024F69; } a:target { font-size: 12pt; color: #032D42; } a:visited { font-size: 12pt; color: #00718f; } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: ; max-width: ; width: ; height: ; } } Unable to connect to the endpoint via the mid server as the wrapper log shows "HANDSHAKE_FAILURE: Couldn't kickstart handshaking" Symptoms<!-- /*NS Branding Styles*/ --> .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: #000000; } span { font-size: 12pt; font-family: Lato; color: #000000; } h2 { font-size: 24pt; font-family: Lato; color: black; } h3 { font-size: 18pt; font-family: Lato; color: black; } h4 { font-size: 14pt; font-family: Lato; color: black; } a { font-size: 12pt; font-family: Lato; color: #00718F; } a:hover { font-size: 12pt; color: #024F69; } a:target { font-size: 12pt; color: #032D42; } a:visited { font-size: 12pt; color: #00718f; } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: ; max-width: ; width: ; height: ; } } Input ECC queue shows java.net.SocketException: Socket is closed You enabled the debug in mid server with the help of Djavax.net.debug property within the wrapper.conf file in mid server. You tried hitting URL again and found HANDSHAKE_FAILURE: Couldn't kickstart handshaking error in the wrapper logs 025/10/06 12:29:13 | javax.net.ssl|ERROR|29|Worker-Expedited:MIDWorker-c57c46afeb1cb210009df5d3dad0cd54|2025-10-06 12:29:13.355 CEST|TransportContext.java:370|Fatal (UNEXPECTED_MESSAGE): The size of the handshake message (35677) exceeds the maximum allowed size (32768) (2025/10/06 12:29:13 | "throwable" : {*****************************************************************************************025/10/06 12:48:51 | javax.net.ssl|ERROR|79|Worker-Expedited:MIDWorker-5fd05ee3eb5cb210009df5d3dad0cd02|2025-10-06 12:48:51.890 CEST|TransportContext.java:370|Fatal (HANDSHAKE_FAILURE): Couldn't kickstart handshaking (2025/10/06 12:48:51 | "throwable" : {2025/10/06 12:48:51 | javax.net.ssl.SSLProtocolException: The certificate chain length (11) exceeds the maximum allowed length (10)2025/10/06 12:48:51 | at java.base/sun.security.ssl.CertificateMessage$T13CertificateMessage.<init>(CertificateMessage.java:874)2025/10/06 12:48:51 | at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1163)2025/10/06 12:48:51 | at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)2025/10/06 12:48:51 | at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)2025/10/06 12:48:51 | at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458)2025/10/06 12:48:51 | at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:201)2025/10/06 12:48:51 | at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)2025/10/06 12:48:51 | at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1510)2025/10/06 12:48:51 | at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1425)2025/10/06 12:48:51 | at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:455)2025/10/06 12:48:51 | at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:925)2025/10/06 12:48:51 | at java.base/sun.security.ssl.SSLSocketImpl.getSession(SSLSocketImpl.java:371)2025/10/06 12:48:51 | at com.glide.communications.GlideSSLProtocolSocketFactory.collectTelemetry(GlideSSLProtocolSocketFactory.java:327)2025/10/06 12:48:51 | at com.glide.communications.GlideSSLProtocolSocketFactory.createSocket(GlideSSLProtocolSocketFactory.java:317)2025/10/06 12:48:51 | at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:711)2025/10/06 12:48:51 | at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361)2025/10/06 12:48:51 | at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:388)2025/10/06 12:48:51 | at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:172)2025/10/06 12:48:51 | at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)2025/10/06 12:48:51 | at com.glide.communications.HTTPClient.doExecute(HTTPClient.java:556)2025/10/06 12:48:51 | at com.glide.communications.HTTPClient.doExecute(HTTPClient.java:520) Release<!-- /*NS Branding Styles*/ --> .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: #000000; } span { font-size: 12pt; font-family: Lato; color: #000000; } h2 { font-size: 24pt; font-family: Lato; color: black; } h3 { font-size: 18pt; font-family: Lato; color: black; } h4 { font-size: 14pt; font-family: Lato; color: black; } a { font-size: 12pt; font-family: Lato; color: #00718F; } a:hover { font-size: 12pt; color: #024F69; } a:target { font-size: 12pt; color: #032D42; } a:visited { font-size: 12pt; color: #00718f; } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: ; max-width: ; width: ; height: ; } } Not Specific to any release Cause<!-- /*NS Branding Styles*/ --> .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: #000000; } span { font-size: 12pt; font-family: Lato; color: #000000; } h2 { font-size: 24pt; font-family: Lato; color: black; } h3 { font-size: 18pt; font-family: Lato; color: black; } h4 { font-size: 14pt; font-family: Lato; color: black; } a { font-size: 12pt; font-family: Lato; color: #00718F; } a:hover { font-size: 12pt; color: #024F69; } a:target { font-size: 12pt; color: #032D42; } a:visited { font-size: 12pt; color: #00718f; } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: ; max-width: ; width: ; height: ; } } Third Party Certificate chains is really big and crossed the maximum allowed size for a handshake message during a TLS/DTLS handshake Large certificate chains: The server sends a long chain of certificates to the client, which increases the size of the handshake message.Many trusted certificates: A server configured for client authentication sends a long list of acceptable certificate authority (CA) names. Resolution<!-- /*NS Branding Styles*/ --> .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: #000000; } span { font-size: 12pt; font-family: Lato; color: #000000; } h2 { font-size: 24pt; font-family: Lato; color: black; } h3 { font-size: 18pt; font-family: Lato; color: black; } h4 { font-size: 14pt; font-family: Lato; color: black; } a { font-size: 12pt; font-family: Lato; color: #00718F; } a:hover { font-size: 12pt; color: #024F69; } a:target { font-size: 12pt; color: #032D42; } a:visited { font-size: 12pt; color: #00718f; } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: ; max-width: ; width: ; height: ; } } This configuration is typically used to prevent or fix SSLProtocolException errors that occur during TLS/SSL communication. The default maximum handshake message size in Java is 32 KB (32768 bytes). In certain situations, such as when a server has a large number of root certificates, the handshake message can exceed this default size. Enable the below-mentioned properties in wrapper configuration file within mid server wrapper.java.additional.501=-Djdk.tls.maxHandshakeMessageSize=49152 This value sets the maximum handshake message size to 49,152 bytes (48 KB), overriding the default setting. By increasing the maxHandshakeMessageSize value, the application can successfully complete the TLS handshake, preventing connection errors.