Applications Manager connection error after installing or upgrading to Java 1.8.0_201

book

Article ID: 124912

calendar_today

Updated On:

Products

CA Automic Applications Manager (AM)

Issue/Introduction

After installing Java 8 update 201 (1.8.0_201) on any combination of the Master, Remote Agent, and/or Java Client PC results in a connection error.

Depending on the component combination where Java 8 update 201 was installed, one of the below errors may be seen from the Agent/Master logs or from the Java Web Client.

javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
or
javax.net.ssl.SSLHandshakeException: no cipher suites in common
 

Cause

Configuration change in Java that drops support for anonymous and null connections

Environment

Release:
Component: APPMGR

Resolution

There is 1 solution and 2 workarounds for this issue:


*Solution*

Upgrade to Applications Manager 9.3 which requires a custom SSL certificate for connection authentication. This custom keystore is required to be generated and copied to master, remote agent, and client machines.

Applications Manager's documentation does cover the topic for keystore file names/locations and optional password encryption which can be found at the below link:

 


For information on creating keystore, please refer to your OS Admin or Oracle as this is process is an external process using Oracle's java keytool.


*Workaround 1*

Downgrade Java version to a pre-Java 8 update 201 version


*Workaround 2*

Update Java's java.security file and remove the anon (anonymous) and NULL ciphers from parameter "jdk.tls.disabledAlgorithms". Below is an example of what the parameter looks like.


jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \

    EC keySize < 224, 3DES_EDE_CBC, anon, NULL