AutoSys WebUI URL is not available after upgrade to 24.1 SEVERE: Failed to initialize component [Connector["https-jsse-nio-8443"]] Caused by: java.lang.IllegalArgumentException: None of the [ciphers] specified are supported by the SSL engine : [[]]

Products

Autosys Workload Automation

Issue/Introduction

After upgrade to 24.1, the WebUI URL is no longer available for usage via a browser.

CA-wcc.log shows an error like this during the startup phase:

INFO | jvm 1 | 2025/10/06 06:10:30 | 5 | WrapperManager Debug: Depending on the implementation of org.apache.tomcat.util.log.SystemLogHandler, log output to STDERR may no longer be redirected to the Wrapper log or console.
INFO | jvm 1 | 2025/10/06 06:10:31 | 6 | Oct 06, 2025 6:10:31 AM org.apache.coyote.AbstractProtocol init
INFO | jvm 1 | 2025/10/06 06:10:31 | 6 | INFO: Initializing ProtocolHandler ["https-jsse-nio-8443"]
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | Oct 06, 2025 6:10:32 AM org.apache.catalina.util.LifecycleBase handleSubClassException
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | SEVERE: Failed to initialize component [Connector["https-jsse-nio-8443"]]
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | org.apache.catalina.LifecycleException: Protocol handler initialization failed
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.catalina.connector.Connector.initInternal(Connector.java:1078)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:122)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.catalina.core.StandardService.initInternal(StandardService.java:522)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:122)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:953)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:122)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.catalina.startup.Catalina.load(Catalina.java:710)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.catalina.startup.Catalina.load(Catalina.java:733)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(Unknown Source)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at java.base/java.lang.reflect.Method.invoke(Unknown Source)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:299)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:472)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(Unknown Source)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at java.base/java.lang.reflect.Method.invoke(Unknown Source)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.tanukisoftware.wrapper.WrapperStartStopApp.run(WrapperStartStopApp.java:425)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at java.base/java.lang.Thread.run(Unknown Source)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | Caused by: java.lang.IllegalArgumentException: None of the [ciphers] specified are supported by the SSL engine : [[]]
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.tomcat.util.net.SSLUtilBase.getEnabled(SSLUtilBase.java:161)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.tomcat.util.net.SSLUtilBase.<init>(SSLUtilBase.java:135)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.tomcat.util.net.jsse.JSSEUtil.<init>(JSSEUtil.java:61)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.tomcat.util.net.jsse.JSSEUtil.<init>(JSSEUtil.java:56)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.tomcat.util.net.jsse.JSSEImplementation.getSSLUtil(JSSEImplementation.java:52)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.tomcat.util.net.AbstractEndpoint.createSSLContext(AbstractEndpoint.java:401)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.tomcat.util.net.AbstractEndpoint.initialiseSsl(AbstractEndpoint.java:591)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:227)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1558)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1571)
INFO | jvm 1 | 2025/10/06 06:10:32 | 6 | at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:633)

Notice that, <CA_WCC_INSTALL_LOCATION>/tomcat/conf/server.xml has an entry for ciphers like below:

<SSLHostConfig certificateVerification="none" ciphers="" protocols="+TLSv1.2" sslProtocol="TLS">

Cause

Prior to the upgrade, the original <CA_WCC_INSTALL_LOCATION>/tomcat/conf/server.xml had SSL connector defined with no/empty ciphers value in it. Example:

The upgrade process restricts the protocol to TLSv1.2, however as there were no ciphers defined prior to upgrade, it empties out the ciphers value after the upgrade in the upgraded <CA_WCC_INSTALL_LOCATION>/tomcat/conf/server.xml

<SSLHostConfig certificateVerification="none" ciphers="" protocols="+TLSv1.2" sslProtocol="TLS">

Resolution

Make a copy of the file <CA_WCC_INSTALL_LOCATION>/tomcat/conf/server.xml
Edit the original file and find a line SSLHostConfig entry in it:

<SSLHostConfig certificateVerification="none" ciphers="" protocols="+TLSv1.2" sslProtocol="TLS">

Change it to something like this:

<SSLHostConfig certificateVerification="none" ciphers="HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA" protocols="+TLSv1.2" sslProtocol="TLS">

Check if keystorePass has any value in it, default is changeit (example: keystorePass="changeit" otherwise, the upgrade might have set it to null, which is wrong) correct it to appropriate value
Save, restart CA-wcc-services
Retest