We have an issue with SPS where a proxy rule is being fired as per the logs but in the browser we see below error in the browser:
Request URI |
: | /settings/consent |
Error Type |
: | SPS Exception |
Error Code |
: | Noodle_CouldNotConnectToBackEndServer |
Error Message |
: | No connection to backend server due to lack of processing threads at SPS. |
Error in the trace logs says:
[12/23/2020][12:23:59][2604][3868][51023fac-477a03da-59228372-dce178a8-8cbc2b3e-b6][releaseConnection(): ][Released connection is not reusable.]
[12/23/2020][12:23:59][2604][3868][51023fac-477a03da-59228372-dce178a8-8cbc2b3e-b6][execute][]
[12/23/2020][12:23:59][2604][3868][51023fac-477a03da-59228372-dce178a8-8cbc2b3e-b6][Noodle::doGet][java.lang.NullPointerException at com.ca.sso.smssl.socket.SMSSLSocketImpl.setupSSLContext(SMSSLSocketImpl.java:202)]
[12/23/2020][12:23:59][2604][3868][51023fac-477a03da-59228372-dce178a8-8cbc2b3e-b6][ErrorPageImpl::displayMessage][Custom Error Pages : Custom message is not an URL. If URL is specified then it might not be in proper format. Considering it as plain text message.]
An invalid protocol, TLSv1.3, was specified first in the 'versions' parameter in server.conf.
Release : 12.8.03
Component : SITEMINDER SECURE PROXY SERVER
Problem only occurred when TLS 1.3 was specified first in the (protocol) version parameter in server.conf. Since TLS 1.3 is not currently a supported protocol, this is an invalid configuration and should be avoided.
Current 12.8x releases (through 12.8.5) of Access Gateway support TLS versions up to and including 1.2.