Cannot access PAM after upgrade of certificate

Article ID: 378396

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

Once the certificate is uploaded and the appliance reboots, the appliance can no longer be accessed over port 443.

The browser shows the following error at the appliance URL:

This site can’t provide a secure connection

XX.XX.XX.XX uses an unsupported protocol.

ERR_SSL_VERSION_OR_CIPHER_MISMATCH
 

Environment

PAM 4.x

Cause

The issue was caused by PAM's automated process that reviews the certificate and determines whether it is RSA or ECDSA. PAM then assigns the appropriate ciphers for that certificate type. In this case PAM misinterpreted the certificate type and assigned the wrong ciphers.
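The failure mode described above can be reproduced on paper with the following added example, which is not Broadcom's code: it checks which suites in an OpenSSL-style cipher string can authenticate with a given certificate key type. The function names and both cipher strings are constructed for illustration and are not PAM's actual configuration.

```python
# Added illustration: names and cipher strings are constructed, not taken from PAM.

NON_CERT_TOKENS = {"ADH", "AECDH", "PSK", "SRP"}  # anonymous / pre-shared-key suites


def suite_auth(name):
    """Return the certificate key type an OpenSSL-style suite name requires."""
    if name.startswith("TLS_"):
        return "ANY"  # TLS 1.3 suites are not bound to a certificate key type
    parts = name.split("-")
    if "ECDSA" in parts:
        return "ECDSA"
    if "RSA" in parts:
        return "RSA"
    if "DSS" in parts:
        return "DSS"
    if NON_CERT_TOKENS & set(parts):
        return "NONE"
    # No key-exchange/auth prefix (e.g. AES256-SHA) means static RSA key exchange.
    return "RSA"


def usable_suites(cert_key_type, cipher_string):
    """Suites from a colon-separated cipher string that work with this key type."""
    suites = [s for s in cipher_string.split(":") if s]
    return [s for s in suites if suite_auth(s) in (cert_key_type, "ANY")]


def diagnose(cert_key_type, cipher_string):
    ok = usable_suites(cert_key_type, cipher_string)
    if ok:
        return "OK: %d suite(s) usable with %s certificate" % (len(ok), cert_key_type)
    # With no usable suite the server cannot complete any handshake, and
    # browsers report ERR_SSL_VERSION_OR_CIPHER_MISMATCH.
    return "MISMATCH: no configured suite works with %s certificate" % cert_key_type


# Constructed cipher strings standing in for the two profiles a server might assign.
RSA_PROFILE = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:AES256-SHA"
ECDSA_PROFILE = "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305"

if __name__ == "__main__":
    print(diagnose("RSA", RSA_PROFILE))     # certificate type identified correctly
    print(diagnose("RSA", ECDSA_PROFILE))   # RSA certificate given the ECDSA profile
    print(diagnose("ECDSA", RSA_PROFILE))   # ECDSA certificate given the RSA profile
```

When checking a certificate before upload, the key type is the Subject Public Key algorithm, not the signature algorithm, since a certificate with an EC key can be signed by an RSA CA and vice versa.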

Resolution

This is resolved in PAM versions 4.1.8 and 4.2.1 specifically. If the appliance was already rebooted, it must be rolled back, or a Broadcom Support engineer must log in using SSH to manually set the database with the correct ciphers.