Access Gateway(SPS) is Firing the Proxy Rule but Showing SSL Error in Logs: Noodle Exception

search cancel

Access Gateway(SPS) is Firing the Proxy Rule but Showing SSL Error in Logs: Noodle Exception

book

Article ID: 207307

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction

We have an issue with SPS where a proxy rule is being fired as per the logs but in the browser we see below error in the browser:

CA Access Gateway - Error Report

Error Details

Request URI	:	/settings/consent
Error Type	:	SPS Exception
Error Code	:	Noodle_CouldNotConnectToBackEndServer
Error Message	:	No connection to backend server due to lack of processing threads at SPS.

Error in the trace logs says:

[12/23/2020][12:23:59][2604][3868][51023fac-477a03da-59228372-dce178a8-8cbc2b3e-b6][releaseConnection(): ][Released connection is not reusable.]
[12/23/2020][12:23:59][2604][3868][51023fac-477a03da-59228372-dce178a8-8cbc2b3e-b6][execute][]
[12/23/2020][12:23:59][2604][3868][51023fac-477a03da-59228372-dce178a8-8cbc2b3e-b6][Noodle::doGet][java.lang.NullPointerException at com.ca.sso.smssl.socket.SMSSLSocketImpl.setupSSLContext(SMSSLSocketImpl.java:202)]
[12/23/2020][12:23:59][2604][3868][51023fac-477a03da-59228372-dce178a8-8cbc2b3e-b6][ErrorPageImpl::displayMessage][Custom Error Pages : Custom message is not an URL. If URL is specified then it might not be in proper format. Considering it as plain text message.]

Cause

An invalid protocol, TLSv1.3, was specified first in the 'versions' parameter in server.conf.

Environment

Release : 12.8.03

Component : SITEMINDER SECURE PROXY SERVER

Resolution

Problem only occurred when TLS 1.3 was specified first in the (protocol) version parameter in server.conf. Since TLS 1.3 is not currently a supported protocol, this is an invalid configuration and should be avoided.

Additional Information

Current 12.8x releases (through 12.8.5) of Access Gateway support TLS versions up to and including 1.2.

Feedback

thumb_up Yes

thumb_down No