You have a Data Center Security manager that has been upgraded from 6.8.2 or earlier and is still configured for lesser encryption than the manager and agents are capable of supporting
Managers that had earlier versions of the Data Center Security or Critical System Protection manager installed
Earlier versions of Data Center Security and Critical System Protection managers were configured by default to use encryption ciphers that have since been superseded by superior options. The upgrade of a Data Center Security manager does not alter these settings so they must be changed manually if you wish to use them in your environment
Common legacy ciphers include TLS_RSA_WITH_AES_128_CBC_SHA and TLS_RSA_WITH_AES_256_CBC_SHA and the specific ciphers configured for use on your manager can be seen by searching the (install directory)\tomcat\conf\server.xml file for:
Make a backup copy then update all examples of the ciphers setting in your DCS 6.9.0+ (install directory)\tomcat\conf\server.xml to the following:
ciphers="TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
Save the file and restart the Data Center Security Manager service.