WCC EEM configuration (change_eem.sh) change errors out with com.ca.itechnology.iclient.IclException: javax.net.ssl.SSLHandshakeException: The server selected protocol version TLS10 is not accepted by client preferences [TLS12]
search cancel

WCC EEM configuration (change_eem.sh) change errors out with com.ca.itechnology.iclient.IclException: javax.net.ssl.SSLHandshakeException: The server selected protocol version TLS10 is not accepted by client preferences [TLS12]

book

Article ID: 246190

calendar_today

Updated On:

Products

CA Workload Automation AE

Issue/Introduction

./change_eem.sh  --eemhostname EEMServerName.Company.com --eemadmin EiamAdmin --eempassword Password --eemappid WCC0004
log4j:WARN No appenders could be found for logger (com.ca.wcc.encrypt.Cryptor).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
2022-07-18 10:38:55,886 [main] ERROR Network  - RunBatMethod - exception occurred calling Iclient runBatMethod
com.ca.itechnology.iclient.IclException: javax.net.ssl.SSLHandshakeException: The server selected protocol version TLS10 is not accepted by client preferences [TLS12]
        at com.ca.itechnology.iclient.IclUtil.httpRequest(IclUtil.java:1544)
        at com.ca.itechnology.iclient.IclMethod.runBatMethod(IclMethod.java:212)
        at com.ca.itechnology.iclient.Iclient.runBatMethod(Iclient.java:580)
        at com.ca.eiam.poz.Network.RunBatMethod(Network.java:320)
        at com.ca.eiam.poz.PozFactory.runMethod(PozFactory.

Cause

TLS 1.0 and 1.1 protocols are being restricted on the OS, but the EEM server is still able to use those protocol versions.  

Resolution

- Reconfigure EEM + CA Directory to use TLS 1.2 only  (https://knowledge.broadcom.com/external/article?articleId=74517)

- Stop igateway, dxserver,  start dxserver, igateway and then restart WCC 

Powered by Wolken Software