After installing Java 8 update 201 (1.8.0_201), or OpenJDK 11 on any combination of the Master, Remote Agent, and/or Java Client PC results in a connection error.

Depending on the component combination where Java 8 update 201 or OpenJDK 11 was installed, one of the below errors may be seen from the Agent/Master logs or from the Java Web Client.

javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
or
javax.net.ssl.SSLHandshakeException: no cipher suites in common

Release:
Component: APPMGR

Configuration change in Java that drops support for anonymous and null connections

There is 1 solution and 2 workarounds for this issue:

*Solution*

Upgrade to Applications Manager 9.3 which requires a custom SSL certificate for connection authentication. This custom keystore is required to be generated and copied to master, remote agent, and client machines.

Applications Manager's documentation does cover the topic for keystore file names/locations and optional password encryption which can be found at the below link:

 

Installation Guide > CA Automic Applications Manager Installation—Advanced Topics > Using Custom SSL Certificates for Connection Authentication

For information on creating keystore, please refer to your OS Admin or Oracle as this is process is an external process using Oracle's java keytool.

*Workaround 1*

Downgrade Java version to a pre-Java 8 update 201 version

*Workaround 2*

Update Java's java.security file and remove the anon (anonymous) and NULL ciphers from parameter "jdk.tls.disabledAlgorithms". Below is an example of what the parameter looks like.

*note this will not work for OpenJDK*

jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \

    EC keySize < 224, 3DES_EDE_CBC, anon, NULL