From efcf0493a739cbd7c823b8743c9677030c61219c Mon Sep 17 00:00:00 2001 From: Ravindu Wegiriya Date: Thu, 9 Apr 2026 14:08:54 +0530 Subject: [PATCH] Add documentation for SSL profile failure handling at startup --- .../multi-https-transport.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/en/docs/install-and-setup/setup/transport-configurations/multi-https-transport.md b/en/docs/install-and-setup/setup/transport-configurations/multi-https-transport.md index f65e317f8..f71b7c4d5 100644 --- a/en/docs/install-and-setup/setup/transport-configurations/multi-https-transport.md +++ b/en/docs/install-and-setup/setup/transport-configurations/multi-https-transport.md @@ -223,3 +223,16 @@ set when you enable dynamic SSL profiles: |---------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------|---------------| | ` filePath ` | The relative/absolute file path of the custom SSL profile configuration XML file. | \- | | ` fileReadInterval ` | The time interval (in milliseconds) in which configuration updates will be loaded and applied at runtime. This value should be greater than 1 minute. | 3600000 | + +## Handling SSL profile load failures at startup + +By default, if any custom SSL profile fails to load during startup (e.g., due to a missing keystore, incorrect password, or invalid keystore type), the Micro Integrator will abort the startup process. + +To allow the server to start by skipping faulty profiles and logging a warning instead, pass the following JVM parameter at startup:Expand commentComment on lines R160 to R167Resolved + +```xml +-Dssl.profile.skip.failures=trueExpand commentComment on line R170Resolved +``` + +!!! Note + When this parameter is enabled, any request routed to a host whose SSL profile failed to load will fall back to the default SSL context. Ensure that such scenarios are handled appropriately in your environment.