SSL0222W when using specific ciphers on Apache
Article ID: 100302
Updated On:
Products
Dynamic Capacity Intelligence
Issue/Introduction
We have restricted the number of available TLSv12 ciphers that can be used in our Apache web server.
When trying to connect from a Web Client to zPM which runs under the Apache server, we get an error:
SSL0222W: SSL Handshake Failed, No ciphers specified (no shared ciphers or no shared protocols)
When trying to connect from a Web Client to zPM which runs under the Apache server, we get an error:
SSL0222W: SSL Handshake Failed, No ciphers specified (no shared ciphers or no shared protocols)
Environment
zPM or CA Dynamic Capacity Intelligence
Cause
The problem is not on zPM (or CA Dynamic Capacity Intelligence) side but it's related to the old version of the WEB Client (Firefox) that is used to run the zPM (or CA Dynamic Capacity Intelligence) GUI.
This old version doesn't support the new ciphers.
This old version doesn't support the new ciphers.
Resolution
The only solution is upgrading to a newer version of Web Client that support the specific ciphers.
Additional Information
These ciphers fail:
SSL0320I: Using TLSv12 Cipher: TLS_RSA_WITH_AES_256_GCM_SHA384(9D)
SSL0320I: Using TLSv12 Cipher: TLS_RSA_WITH_AES_256_CBC_SHA256(3D)
SSL0320I: Using TLSv12 Cipher: TLS_RSA_WITH_AES_128_GCM_SHA256(9C)
SSL0320I: Using TLSv12 Cipher: TLS_RSA_WITH_AES_128_CBC_SHA256(3C)
SSL0320I: Using TLSv12 Cipher: TLS_RSA_WITH_AES_256_GCM_SHA384(9D)
SSL0320I: Using TLSv12 Cipher: TLS_RSA_WITH_AES_256_CBC_SHA256(3D)
SSL0320I: Using TLSv12 Cipher: TLS_RSA_WITH_AES_128_GCM_SHA256(9C)
SSL0320I: Using TLSv12 Cipher: TLS_RSA_WITH_AES_128_CBC_SHA256(3C)
Feedback
Yes
No
Powered by
