PAM SOAP calls to Catalog report handshake error
search cancel

PAM SOAP calls to Catalog report handshake error


Article ID: 112478


Updated On:


CA Service Management - Service Desk Manager CA Service Catalog CA Process Automation Base


When ITPAM tries to make a SOAP call to Catalog it is reporting a handshake error in the C2O.log:

SOAPExceptionImpl: Message send failed 

This happens when it tries to do something simple like login to catalog, SOAPUI might work with the same call.


Process Automation 4.3.x

Service Catalog 17.x


The first thing to check is that the same call works from the SOAPUI from the ITPAM server.

There could be a problem with the server name (for example, using long name vs. short name) or there could also be a problem with the user rights.

However, if the SOAPUI works then the next thing to check it the protocol that is being used to connect. By default, ITPAM will use TLSv1 unless it has been configured to use something different.


On the Catalog server check:


In the section where you configured the secure website (usually on either 8443 or 443) see if you have an SSLEnabledProtocols property.

If this says "TLSv1.1,TLSv1.2" for example, then this is only listening for TLS versions 1.1 and 1.2. This means ITPAM SOAP calls using TLSv1 would fail.

You can add TLSv1 but this is no longer a secure protocol.

Alternatively, check the ITPAM server for the file c2osvcw.conf  (Under the bin folder).

You can add a line (if one does not exist) line:,TLSv1.2 

Please note that there can not be any gaps in the numbers. So if your last line is 13 then this line should be 14, etc.