Error: "no cipher suites in common" and the Cloud Director portal fails to come online
search cancel

Error: "no cipher suites in common" and the Cloud Director portal fails to come online

book

Article ID: 373614

calendar_today

Updated On:

Products

VMware Cloud Director

Issue/Introduction

  • Cloud Director portal fails to come online and application is down.
  • The product has been upgraded from an earlier version.
  • Within the log file /opt/vmware/vcloud-director/logs/cell-runtime.log an error similar to the following is observed
    DEBUG    | pool-jetty-<id>         | HttpEngineStartupAction        | Handshake failed |
javax.net.ssl.SSLHandshakeException: no cipher suites in common
        at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:###)

Environment

Cloud Director 10.x

Cause

This issue occurs as the SSL certificate in use on the Cloud Director cell is not compatible with the default SSL cipher set enabled. During an upgrade the default SSL cipher suite may change due to additional security measures applied in the product. As a result the HTTP engine fails to load during startup of the vmware-vcd service and stops being able to process HTTPS requests.

Resolution

To resolve this matter enable additional SSL Ciphers which are compatible with the SSL certificate in use.
  1. Follow the instructions outlined in the documentation Managing the List of Allowed SSL Ciphers in VMware Cloud Director to update the enabled ciphers. This change needs to be applied on all cells in the environment.
  2. Restart the vmware-vcd service on each cell.
    systemctl restart vmware-vcd
Powered by Wolken Software