TLS Gateway or Java Agents on AIX - No negotiable cipher suite
search cancel

TLS Gateway or Java Agents on AIX - No negotiable cipher suite

book

Article ID: 259035

calendar_today

Updated On:

Products

CA Automic Workload Automation - Automation Engine

Issue/Introduction

I encountered difficulties starting the TLS Gateway Agent on AIX or a Java Agent like SQL Agent.

I installed the TLS Gateway on my host through CAU then created and downloaded the agent.
I installed the downloaded agent on the same host where AE is running (JCP, JWP, REST, AIX Agent and AWI;all up and running ).

When starting the TLS Gateway Agent, it shuts down with the following message:

20230131/145406.328 - U02000000 Started program Agent 'AUTOMIC_TLS_GW', version '21.0.4+build.12', changelist '1661881312'.
20230131/145406.331 - U02000232 Build Date: '2022-08-30', '17:45:39'
20230131/145406.333 - U02000037 Started Agent with INI file '/opt/automic/21.0.4/agent_TLS_GW/bin/uctlsgtw.ini'.
20230131/145406.334 - U02000090 Java Runtime Environment version: '1.8.0_341'
20230131/145406.336 - U02000421 Java Runtime Environment name: 'Java(TM) SE Runtime Environment'
20230131/145406.337 - U02000091 Java Runtime Environment vendor: 'IBM Corporation'
<...>
20230131/145406.570 - U02000071 Current directory: /opt/automic/21.0.4/agent_TLS_GW/bin
20230131/145406.892 - U02000154 The JVM option HeapDumpOnOutOfMemoryError is not enabled: 'javax.management.InstanceNotFoundException:com.sun.management:type=HotSpotDiagnostic'.
20230131/145406.914 - U02000379 Initiating connection to server 'automic:8443' using WebSocket URI: 'wss://automic:8443/agent'.
20230131/145406.926 - Jetty: Logging initialized @3434ms to com.uc4.ex.cp.JettyLogger
20230131/145408.221 - U02000385 Web socket error: 'No negotiable cipher suite'.
20230131/145408.222 - javax.net.ssl.SSLHandshakeException: No negotiable cipher suite
20230131/145408.224 - java.util.concurrent.ExecutionException: javax.net.ssl.SSLHandshakeException: No negotiable cipher suite
20230131/145408.225 - Caused by javax.net.ssl.SSLHandshakeException: No negotiable cipher suite
20230131/145408.226 - U02000380 Could not connect to server 'automic:8443'.
20230131/145408.228 - U02000074 Connecting to system 'AUTOMIC' is not possible.
20230131/145408.229 - com.uc4.ex.cp.InitialConnectionException: Initial connection with endpoint not possible. Please check your configuration.
20230131/145408.230 - U02000041 Shutdown Agent 'AUTOMIC_TLS_GW'.
20230131/145408.232 - U02000002 Agent 'AUTOMIC_TLS_GW' version '21.0.4+build.12' ended abnormally.

Agent SQL generate similar error messages and then stops:

20230731/174843.267 - U02000090 Java Runtime Environment version: '1.8.0_351'
20230731/174843.267 - U02000421 Java Runtime Environment name: 'Java(TM) SE Runtime Environment'
20230731/174843.268 - U02000091 Java Runtime Environment vendor: 'IBM Corporation'
...
20230731/174843.624 - U02000377 Certificate loaded from file 'jcp1.cer'.
20230731/174844.637 - U02000385 Web socket error: 'No negotiable cipher suite'.
20230731/174844.637 - javax.net.ssl.SSLHandshakeException: No negotiable cipher suite
20230731/174844.638 - java.util.concurrent.ExecutionException: javax.net.ssl.SSLHandshakeException: No negotiable cipher suite
20230731/174844.639 - Caused by javax.net.ssl.SSLHandshakeException: No negotiable cipher suite

Environment

Release : 21.x

Component: Automation Engine

Sub-Components: Agents Java (SQL,SAP...) and TLS Gateway 

Cause

Unsupported Java version IBM Java v8 being used to start the Agents.

Resolution

Since you are installing the TLS Gateway or a Java based Agent on AIX you will have to install either:

  • IBM Open J9 JVM
  • Adoptium OpenJDK v11

Then modify the startup script to use the JRE of these supported versions of Java instead of the IBM Java 8.

Additional Information

The Adoptium OpenJDK 11 can be download here:

https://adoptium.net/temurin/releases/?version=11

https://api-broadcom-ca.wolkenservicedesk.com/attachment/get_attachment_content?uniqueFileId=/Z5ehVR1wgwqQiguGQy0PQ==

Powered by Wolken Software