- CAS recently upgrade from 2.4.x to 3.1.4.1
- When attempting to connect or manage CAS version 3.1.4.1 appliances via Management Center version 3.2.2.1, error message is seen:
"failed to establish a secure connection"
And in Management Center network logs (Administration > Logs > Network_*.log), you will see the following error message:
[2022-05-11 17:29:57.836] INFO http-nio-8080-exec-1 org.apache.http.impl.execchain.RetryExec I/O exception (org.bouncycastle.tls.TlsFatalAlert) caught when processing request to {s}->https://CAS-IP:8082 : internal_error(80)
[2022-05-11 17:29:57.836] INFO http-nio-8080-exec-1 org.apache.http.impl.execchain.RetryExec Retrying request to {s}->https://CAS-IP:8082
Management Center 3.2.2.1 or older
CAS version 3.1.4.1 or newer that has Certificate Authority List uploaded
CAS version 3.1.4.1 COE was updated and MC version 3.2.2.1 is running the older COE version, therefore there is a mismatch between the underlying Linux OS.
Content Analysis behavior change from 2.4.x to 3.1.x. This may happen when a Certificate Authority List has been added to CAS before the upgrade from 2.4.x to 3.1.x or when already running CAS 3.1.x
Solution: Upgrade Management Center to version 3.3.1.1
Workaround: Remove all Certificate Authority List from CAS UI > Settings > Web Management by highlighting each certificate and click "Delete CA". Save changes afterwards.