AMS fails to connect to SAM when connection is restricted to TLS 1.2

book

Article ID: 5388

calendar_today

Updated On:

Products

CA IT Asset Manager CA Software Asset Manager (CA SAM) ASSET PORTFOLIO MGMT- SERVER CA Service Management - Asset Portfolio Management CA Service Management - Service Desk Manager

Issue/Introduction

CA SAM is configured with HTTPS and connections are restricted to use TLS 1.2 protocol only. When AMS tries to pull data from CA SAM via the link Asset Viewer - Discovered Information the connection fails and the below error is logged in AMS.log:

DEBUG HTTPSender 146 java.net.SocketException: Connection reset 

DEBUG NSStack 2445 NSPop (empty) 

AxisFault

 faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException

 faultSubcode: 

 faultString: java.net.SocketException: Connection reset

 faultActor: 

 faultNode: 

 faultDetail: 

{http://xml.apache.org/axis/}stackTrace:java.net.SocketException: Connection reset

Cause

This problem occurs because the Tomcat and jre7 packages that are shipped with AMS are not configured to handle TLS 1.2 connections.

Environment

ITAM 14.1CA SAM 4.x

Resolution

In order to resolve this problem you should follow the steps of the article TEC1233998 to upgrade the affected components to Tomcat 8 and jre8.

Once the above steps have been performed you will need to import the CA SAM certificate into the new jre8 keystore. The article TEC1044241 contains the required steps.

Note: JRE_PATH refers to the newly created jre8 folder under AMS.