ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

State Manager Error - could not establish a SSL to SQL Server

book

Article ID: 133303

calendar_today

Updated On:

Products

CA Advanced Authentication - Strong Authentication (AuthMinder / WebFort) CA Strong Authentication CA Risk Authentication CA Advanced Authentication

Issue/Introduction

The issue is primarily due to SSL connection failure from Broadcom  Statemanager component to the Database. 

Extract from arcotsm.log:

2019-06-03 12:25:38,686 [main] INFO  toksvr.server.TimeStampGenerator(120)  -> --- Servlet com.arcot.integrations.toksvr.server.TimeStampGenerator starting up (built: March 08, 2018 at 06:37:10 AM) ---
2019-06-03 12:25:38,780 [Token janitor] ERROR server.tsmimpl.iBatisTSMImpl(322)  -> Unable to delete expired tokens (issued before 20190603191038.686, used before 20190603191038.686:  
--- The error occurred in com/arcot/integrations/toksvr/server/tsmimpl/TsToken.xml. 
--- The error occurred while executing mapped statement. 
--- Check the sqlDeleteTokenOlderThan. 
--- Check the statement or the result map. 
--- Cause: org.apache.commons.dbcp.SQLNestedException: Cannot create PoolableConnectionFactory (The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "SQL Server did not return a response. The connection has been closed.".)
2019-06-03 12:25:39,233 [http-nio-8080-exec-1] ERROR server.tsmimpl.iBatisTSMImpl(142)  -> Unable to create token a09afb1583b1abbe84c99b297d649976d401ec69 | 20190603192539.217.a09afb15: com.ibatis.common.jdbc.exception.NestedSQLException:  
--- The error occurred in com/arcot/integrations/toksvr/server/tsmimpl/TsToken.xml. 
--- The error occurred while executing mapped statement. 
--- Check the sqlInsertTokenNoRisk. 
--- Check the statement or the result map.

Cause

The Database does not support the Ciphers used by Broadcom Advanced Authentication to connect. 

Environment

Release : 9.0 and below. 

Component : AuthMinder(Arcot WebFort)

Resolution

The Ciphers supported at the Database level need to be checked and corrected with respect to Ciphers supported by Broadcom Advanced Authentication. 

Additional Information

None.