Unable to log into ITPAM after enabling TLSv2 in EEM
search cancel

Unable to log into ITPAM after enabling TLSv2 in EEM

book

Article ID: 246166

calendar_today

Updated On:

Products

CA Process Automation Base

Issue/Introduction

After enabling TLSv2 in EEM (link) and restarting PAM services, PAM does not allow logging into the application.

EIAM_javasdk.log error

[com.ca.eiam.SafeContextFactory] Failed to authenticate application with eTrust Embedded IAM backend server
[Authenticate Error: Authentication Failed]
com.ca.eiam.SafeException: EE_SPONSORERROR iSponsor Error

c2o.log error

ERROR [com.optinuity.c2o.wsd.trigger.util.TriggerUtil] [122.228-8080-13] Error while making connection with EEM. The username provided was xxxxxx
ERROR [com.ca.pam.soap.ItpamSoapAction] [122.228-8080-13] unable to execute SoapRequest
com.optinuity.c2o.util.C2OException: Error while making connection with EEM

Environment

Release : 4.3

Component : Process Automation

Cause

This is caused by the JDK version being used in PAM (JDK 7 U 79)

Resolution

It's important to mention that PAM 4.3 SP2 ended support on April 30, 2022. See:

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/release-announcements/CA-Process-Automation-Release-and-Support-Lifecycle-Dates/6025

We recommend you upgrade to SP5 where this issue does not occur since the Java version supported are JDK 8 U 162 and AdoptJDK. 

https://techdocs.broadcom.com/us/en/ca-enterprise-software/intelligent-automation/automic-process-automation/04-3-05/getting-started/platform-support-and-requirements.html

Workaround:

Install JDK 8 U 162and run re-configure in PAM to use this new JDK. This version will allow communication between EEM and PAM and solve the issue.