"SSL_ERROR_SSL during handshake: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher" error in vRA 7.x
search cancel

"SSL_ERROR_SSL during handshake: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher" error in vRA 7.x

book

Article ID: 341866

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

Symptoms:
In vRealize Automation 7.x, the /var/log/messages file and /var/log/warn file are overfilled with repeating log messages similar to:

2016-07-19T08:20:33.116653+00:00 localhost sfcb[12032]:
2016-07-19T08:20:33.116656+00:00 localhost sfcb[12032]: **
/build/mts/release/bora-4116650/studio/src/vami/apps/sfcb/1.4.9/httpAdapter.c:1698
SSL_ERROR_SSL error during SSL handshake -- exiting
2016-07-19T08:20:33.117533+00:00 localhost sfcb[12032]: --- SSL_ERROR_SSL
during handshake: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared
cipher
2016-07-19T08:20:33.117569+00:00 localhost sfcb[12032]:
2016-07-19T08:20:33.117574+00:00 localhost sfcb[12032]: **
/build/mts/release/bora-4116650/studio/src/vami/apps/sfcb/1.4.9/httpAdapter.c:1698
SSL_ERROR_SSL error during SSL handshake -- exiting

Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.


Environment

VMware vRealize Automation 7.1.x
VMware vRealize Automation 7.2.x
VMware vRealize Automation 7.0.x

Cause

The issue occurs when the SSLv3 is disabled in the SFCB server.

Resolution

To resolve the issue:
  1. Open the /opt/vmware/etc/sfcb/sfcb.cfg file using a text editor.
  2. Locate line containing the key sslCiphers.

    For example:

    sslCiphers: ALL:!ADH:!LOW:!EXP:!MD5:!RC4-SHA:!DES-CBC3-SHA:!SSLv3:@STRENGTH

  3. Remove :!SSLv3 from the entry located in Step # 2.

    For example:

    sslCiphers: ALL:!ADH:!LOW:!EXP:!MD5:!RC4-SHA:!DES-CBC3-SHA:@STRENGTH

  4. Restart the SFCB service by running the command:

    service vami-sfcb restart