Veracode Integrations Support of TLS

Veracode Integrations Security and Troubleshooting

For security reasons, Veracode APIs block connections that use TLS 1.0. Follow these instructions to avoid connection issues with the Veracode Platform.

Veracode has discontinued support of Team Foundation Server 2010 and Visual Studio 2010 integrations, which do not support TLS 1.1 or 1.2. Veracode Static Analysis continues to support applications compiled with Visual Studio 2003 and later.

To avoid connection issues, you must upgrade the following integrations to support .NET 4.5 and TLS 1.2:

  • .NET wrapper/SDK
  • TFS flaw synchronizer
  • TFS XAML build integration
  • Veracode Visual Studio Extension

You must upgrade the following integrations if you are using Java 1.7:

  • Java wrapper/SDK
  • Veracode Eclipse Plugin
  • Veracode IntelliJ Plugin
  • Veracode Jenkins PluginJenkins plugin
  • Veracode Jenkins PluginIntegration for Jira
  • Veracode TeamCity PluginTeamCity plugin

To support TLS 1.1 and 1.2 with Java 1.7, you must apply the Java Cryptographic Extension (JCE) Unlimited Strength Jurisdiction Policy to the JREs. The JCE Unlimited Strength Jurisdiction Policy files can be downloaded from Oracle. As supporting TLS 1.1 and 1.2 with Java 1.7 requires both an upgrade of Veracode integrations and a patch of the Java 1.7 JRE, Veracode recommends upgrading to Java 1.8 instead.

Error Messages

If you are using an integration that attempts to connect over TLS 1.0, you may receive one of the following error messages:
  • Received fatal alert: handshake_failure
  • Peer not authenticated error
  • System.Net.WebException was unhandled. Message=The request was aborted: Could not create SSL/TLS secure channel
  • OpenSSL::SSL::SSLError: Received fatal alert: handshake_failure
  • The underlying connection was closed: An unexpected error occurred on a send.
  • Could not create SSL/TLS secure channel

If you receive any of these messages, follow the instructions above.