Received fatal alert: handshake_failure When logging into the client
search cancel

Received fatal alert: handshake_failure When logging into the client


Article ID: 190850


Updated On:


CA Automic Applications Manager (AM)


After installing Java 8 update 201 (1.8.0_201), or OpenJDK 11 on any combination of the Master, Remote Agent, and/or Java Client PC results in a connection error.

Depending on the component combination where Java 8 update 201 or OpenJDK 11 was installed, one of the below errors may be seen from the Agent/Master logs or from the Java Web Client. Received fatal alert: handshake_failure
or no cipher suites in common


Component: APPMGR


Configuration change in Java that drops support for anonymous and null connections


There is 1 solution and 2 workarounds for this issue:


Upgrade to Applications Manager 9.3 which requires a custom SSL certificate for connection authentication. This custom keystore is required to be generated and copied to master, remote agent, and client machines.

Applications Manager's documentation does cover the topic for keystore file names/locations and optional password encryption which can be found at the below link:


For information on creating keystore, please refer to your OS Admin or Oracle as this is process is an external process using Oracle's java keytool.

*Workaround 1*

Downgrade Java version to a pre-Java 8 update 201 version

*Workaround 2*

Update Java's file and remove the anon (anonymous) and NULL ciphers from parameter "jdk.tls.disabledAlgorithms". Below is an example of what the parameter looks like.

*note this will not work for OpenJDK*

jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \

    EC keySize < 224, 3DES_EDE_CBC, anon, NULL