function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
CRMScienceKirkCRMScienceKirk 

Received fatal alert: bad_record_mac

Hi all,

When performing callouts from Salesforce to various remote endpoints, we'll occassionally/intermittently receive a "bad_record_mac" error.  Sometimes they are persistent and don't go away after a period of time, othertimes the next callout works without a problem.

Doing some Googling, it doesn't see to be an uncommon issue in the Java world, but the resources that are more Salesforce centric are very few in number.  Those resources revolve around enabling or limiting various forms of SSL on the server (SSLv3, TLSv1, etc), but there's not a lot of information around the cause and as you imagine, no difinitive solution or response from Salesforce about it.

Does anyone successfully debugged these issues or have more information about why these Salesforce originating responses are dropping at the endpoint?

Thanks in advance!
Gaurav NirwalGaurav Nirwal
This might not be a Salesforce issue, maybe the other server changed? Did it make config/code changes due to Heartbleed or an unrelated software update?
CRMScienceKirkCRMScienceKirk
No changes, and I should also point out that it is intermittent and doesn't affect all clients using the package.  

It's a fairly standard HttpRequest class usage, not to disimilar to what's found in the documentation.

I keep attempting to get the Salesforce.com perspective, wondering about when a callout is made to an HTTPS endpoint, what SSL levels are anticipated.  But, like always, the mothership keeps closing my cases, confusing them for developement requests.  Sigh.
Hemant Kumar 11Hemant Kumar 11
I have the same issue and no solution. Please post the updates if any new development.
Thanks in advance.