Agent Reports SSL Handshake Failure

book

Article ID: 38309

calendar_today

Updated On:

Products

CA Release Automation - Release Operations Center (Nolio) CA Release Automation - DataManagement Server (Nolio)

Issue/Introduction

An action or process fails to execute on an agent. Reviewing the log files reveals the following error:

ERROR (com.nolio.nimi.comm.impl.nettysupport.BasicHandler:57) - NimiConnectionImpl{remoteAddress=null, localAddress=null, connectionID=null, channel=null, closed=true, lastAccessedTime=1454818109187}:javax.net.ssl.SSLException: Received fatal alert: handshake_failure
javax.net.ssl.SSLException: Received fatal alert: handshake_failure
 

Cause

SSL encryption is not properly configured for communication between the Nolio Execution Server (NES) and agent(s).

Environment

CA Release Automation 5.x and 6.x

Resolution

If SSL encryption is desired for communication between the NES and agent(s), ensure both NES and agent(s) have the same certificate installed.

If SSL encryption was not intended to be enabled between the NES and agent(s) (for example, if the intention was to apply encryption to the NAC only for web access purposes), then edit the nimi_config.xml file on both NES and agent(s) and set the encryption "enabled" property to "false", as follows:

<security>
<enabled>false</enabled>

OR, if you want the agent and NES configured to communicate securely then make sure that their nimi_config.xml files are both set with security = true and that they are configured with keystore and truststore configurations that would allow for a successful SSL handshake.

 

Additional Information

Configuring SSL between Execution Servers and Agents are documented here: Secure Execution Server to Agent Communication