When making an SSL (or TLS) connection from Diplomat MFT Client to a remote server, whether it is using FTPS or HTTPS, Diplomat MFT might encounter an error with the SSL handshake process, causing the connection to fail.
The Diplomat log will show a message stating “javax.net.ssl.SSLHandshakeException – Unsupported curveId: 29”.
This is because the remote server has chosen a specific curve for an Elliptic Curve ciphersuite which the Diplomat MFT does not support.
In order to fix this, you can disable all Elliptic Curve cryptography from the Java Runtime Environment (JRE) which is running Diplomat MFT.
To do so, edit the file “java.security” found in the JRE folder, here:
Diplomat 8.1.1 and higher: “C:\ProgramData\Coviant Software\Diplomat-j\jre\jre\lib\security\”
Diplomat 8.1 and prior: “C:\ProgramData\Coviant Software\Diplomat-j\jre\lib\security\”
folder “Diplomat-j” with “Diplomat-trial”).
EC keySize < 224, 3DES_EDE_CBC, anon, NULL, EC