Same for me. Java 1.8+, OpenNMS 18.0.2.
Enabled SSLv3 in java.security

I'm experiencing the same issue after upgrading from java 1.6 to 1.8. It worked OK between 1.7.0_60 and 1.7.0_80 but not with 1.8+.

I've run into a similar issue with monitoring a TLS only system and found that by upgrading my jre(jdk) to a minimum of 1.7.0_60 resolved this issue even though the code for SSLContext still uses "SSL" instead of TLS. Hope that helps.
Thanks,
Caleb

So, I had a look through the code and the HttpsDetector and the HttpsMonitor both appear to use the SSLContext(String protocol) constructor and ONLY construct using "SSL" as the default value. This means that web applications which only allow TLSv1+ will not work with these classes. I will look into figuring out how to modify the code to handle SSLv3/TLSv1/TLSv1.1/TLSv1.2 without having to change a lot of the APIs.

According to this answer on StackOverflow (http://stackoverflow.com/a/13138554/780998) the code should be using SSLEngine's setEnabledProtocols to allow negotiation to consider multiple protocols for each connection. Using SSLContext limits the connection to a single protocol.

Hi, testing with OpenNMS 1.12.5 now. A server I am monitoring on an Amazon E3 node now only supports SSL using SSLv3. As soon as this change was made on the server, the OpenNMS poller started failing to connect using HTTPS.

Here is a snipped of pollerd debug logs:

2014-02-23 17:20:15,586 WARN [Poller-Thread-47-of-90] HttpsMonitor: IOException while polling address /(ip removed)
javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1959)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1077)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:702)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:122)
at java.io.OutputStream.write(OutputStream.java:75)
at org.opennms.netmgt.poller.monitors.HttpMonitor$HttpMonitorClient.sendHttpCommand(HttpMonitor.java:538)
at org.opennms.netmgt.poller.monitors.HttpMonitor.poll(HttpMonitor.java:151)
at org.opennms.netmgt.poller.pollables.LatencyStoringServiceMonitorAdaptor.poll(LatencyStoringServiceMonitorAdaptor.java:104)
at org.opennms.netmgt.poller.pollables.PollableServiceConfig.poll(PollableServiceConfig.java:112)
at org.opennms.netmgt.poller.pollables.PollableService.poll(PollableService.java:178)
at org.opennms.netmgt.poller.pollables.PollableElement.poll(PollableElement.java:292)
at org.opennms.netmgt.poller.pollables.PollableContainer$5.run(PollableContainer.java:305)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)

Thanks,
Tim Miller Dyck