After the upgrade to API Gateway 10.1 we got a persistent error every 5 seconds in the spcc logs:
2021-09-15T09:34:47.379+0200 INFO 1 com.l7tech.server.processcontroller.ProcessController: Getting API port from /opt/SecureSpan/Gateway/node/default/var/processControllerPort
2021-09-15T09:34:47.413+0200 WARNING 1 com.l7tech.server.processcontroller.p: default may still be starting, but API is throwing unexpected exceptions
javax.xml.ws.WebServiceException: Could not send Message.
at org.apache.cxf.jaxws.JaxWsClientProxy.mapException(JaxWsClientProxy.java:183)
....
Caused by: javax.net.ssl.SSLProtocolException: SSLProtocolException invoking https://localhost:2124/ssg/services/processControllerNodeApi: The size of the handshake message (64559) exceeds the maximum allowed size (32768)
at java.base/jdk.internal.reflect.GeneratedConstructorAccessor61.newInstance(Unknown Source
Release : 10.1
A change in Java version 1.8.0_271 introduced a limit on the size of TLS handshake messages. The default of 32768 should be enough, but if there are a lot of certificates in the cert store which have "signing client certificates" enabled, the value will be too low.
To increase the maxHandshakeMessageSize, add the following line to the startup script of the processcontroller:
cd /opt/SecureSpan/Controller/bin
chmod 755 processcontroller.sh
vi processcontroller.sh
Add the following line:
PC_JAVAOPT="${PC_JAVAOPT} -Djdk.tls.maxHandshakeMessageSize=65536"
after the lines:
ADD_OPENS="--add-opens=jdk.crypto.ec/sun.security.ec=ALL-UNNAMED"
PC_JAVAOPT="${ADD_OPENS} -Djava.security.egd=file:/dev/./urandom"
Save the file and reboot the server.
The value for jdk.tls.maxHandshakeMessageSize must be greater than the value reported in the error message.
Restart the gateway process.
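
A check for the procedure above, as an added example that is not part of the original article or any vendor tooling: it extracts the largest handshake size reported in the log and compares it with the limit set in processcontroller.sh. The function names and the sample strings are constructed for illustration from the lines quoted in this article.

```shell
# Added example (not vendor code): check that the configured
# jdk.tls.maxHandshakeMessageSize exceeds the size reported in the log.

# Print the largest "size of the handshake message (N)" seen on stdin, 0 if none.
max_reported_size() {
    awk '
        match($0, /size of the handshake message \([0-9]+\)/) {
            n = substr($0, RSTART, RLENGTH)
            gsub(/[^0-9]/, "", n)
            if (n + 0 > max) max = n + 0
        }
        END { print max + 0 }'
}

# Print the last -Djdk.tls.maxHandshakeMessageSize value in the script text on
# stdin, skipping comment lines; print the default 32768 when it is absent.
configured_size() {
    awk '
        /^[ \t]*#/ { next }
        match($0, /-Djdk\.tls\.maxHandshakeMessageSize=[0-9]+/) {
            v = substr($0, RSTART, RLENGTH)
            sub(/.*=/, "", v)
            size = v
        }
        END { print (size == "" ? 32768 : size) }'
}

# $1 = log text, $2 = startup script text. Succeeds only when the configured
# limit is greater than the largest reported handshake message.
limit_is_sufficient() {
    reported=$(printf '%s\n' "$1" | max_reported_size)
    configured=$(printf '%s\n' "$2" | configured_size)
    [ "$configured" -gt "$reported" ]
}

# Constructed sample input, built from the lines quoted in this article.
SAMPLE_LOG='Caused by: javax.net.ssl.SSLProtocolException: The size of the handshake message (64559) exceeds the maximum allowed size (32768)'
SCRIPT_BEFORE='PC_JAVAOPT="${ADD_OPENS} -Djava.security.egd=file:/dev/./urandom"'
SCRIPT_AFTER="$SCRIPT_BEFORE
PC_JAVAOPT=\"\${PC_JAVAOPT} -Djdk.tls.maxHandshakeMessageSize=65536\""

for script in "$SCRIPT_BEFORE" "$SCRIPT_AFTER"; do
    if limit_is_sufficient "$SAMPLE_LOG" "$script"; then
        echo "OK: limit $configured > reported $reported"
    else
        echo "TOO LOW: limit $configured <= reported $reported"
    fi
done
```

To run it against a live system, pass the contents of the log file and of processcontroller.sh as the two arguments of limit_is_sufficient.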