Skip to main content

Using TLS with Veracode integrations

For security reasons, Veracode APIs block connections that use TLS 1.0 or 1.1. This section explains how to avoid issues when connecting to Veracode using TLS.

Veracode no longer supports integrations for Team Foundation Server 2010 and Visual Studio 2010, which do not support TLS 1.2. Static Analysis continues to support applications compiled with Visual Studio 2003 and later.

To avoid connection issues, you must upgrade the following integrations to support .NET 4.5 and TLS 1.2:

  • .NET wrapper/SDK
  • Veracode Static for Visual Studio

You must upgrade these integrations if you are using Java 1.7:

  • Java wrapper/SDK
  • Veracode Static for Eclipse
  • Veracode Static for IntelliJ
  • Veracode Jenkins Plugin
  • Veracode Integration for Jira
  • Veracode TeamCity Plugin

To support TLS 1.2 with Java 1.7, you must apply the Java Cryptographic Extension (JCE) Unlimited Strength Jurisdiction Policy to the JRE. You can download the JCE Unlimited Strength Jurisdiction Policy files from Oracle. Because Java 1.7 requires you to both patch the JRE and upgrade your Veracode integrations, Veracode recommends upgrading to Java 1.8 instead.

TLS error messages

If you use an integration that attempts to connect over TLS 1.0 or 1.1, you may receive one of these error messages:

  • Received fatal alert: handshake_failure
  • Peer not authenticated error
  • System.Net.WebException was unhandled. Message=The request was aborted: Could not create SSL/TLS secure channel
  • OpenSSL::SSL::SSLError: Received fatal alert: handshake_failure
  • The underlying connection was closed: An unexpected error occurred on a send.
  • Could not create SSL/TLS secure channel