Access Gateway(SPS) is Firing the Proxy Rule but Showing SSL Error in Logs: Noodle Exception
search cancel

Access Gateway(SPS) is Firing the Proxy Rule but Showing SSL Error in Logs: Noodle Exception

book

Article ID: 207307

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction

We have an issue with SPS where a proxy rule is being fired as per the logs but in the browser we see below error in the browser:

CA Access Gateway - Error Report

Error Details

Request URI

 : /settings/consent

Error Type

 : SPS Exception

Error Code

 : Noodle_CouldNotConnectToBackEndServer

Error Message

 : No connection to backend server due to lack of processing threads at SPS.

 

Error in the trace logs says: 

[12/23/2020][12:23:59][2604][3868][51023fac-477a03da-59228372-dce178a8-8cbc2b3e-b6][releaseConnection(): ][Released connection is not reusable.]
[12/23/2020][12:23:59][2604][3868][51023fac-477a03da-59228372-dce178a8-8cbc2b3e-b6][execute][]
[12/23/2020][12:23:59][2604][3868][51023fac-477a03da-59228372-dce178a8-8cbc2b3e-b6][Noodle::doGet][java.lang.NullPointerException    at com.ca.sso.smssl.socket.SMSSLSocketImpl.setupSSLContext(SMSSLSocketImpl.java:202)]
[12/23/2020][12:23:59][2604][3868][51023fac-477a03da-59228372-dce178a8-8cbc2b3e-b6][ErrorPageImpl::displayMessage][Custom Error Pages : Custom message is not an URL. If URL is specified then it might not be in proper format. Considering it as plain text message.]

Environment

Release : 12.8.03

Component : SITEMINDER SECURE PROXY SERVER

Cause

An invalid protocol, TLSv1.3, was specified first in the 'versions' parameter in server.conf.

Resolution

Problem only occurred when TLS 1.3 was specified first in the (protocol) version parameter in server.conf. Since TLS 1.3 is not currently a supported protocol, this is an invalid configuration and should be avoided.

Additional Information

Current 12.8x releases (through 12.8.5) of Access Gateway support TLS versions up to and including 1.2.

Powered by Wolken Software