Agent fails to startup with error "DHPublicKey does not comply to algorithm constraints"
Article ID: 93537
CA Automic Applications Manager (AM)
When starting up a new or existing remote agent, the awapi will fail to start, and the following error may be found in the AgentService*.log file:
ErrorMsg: AwE-5103 network socket error Details: Network socket error javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: DHPublicKey does not comply to algorithm constraints
Release: Component: APPMGR
The key to this error message is the following section: "DHPublicKey does not comply to algorithm constraints".
This error normally occurs when the Java on the Automation Engine is updated to a newer release or if Java on the Agent is upgraded to a newer release.
Later versions of Java restrict DH keys less than 1024 bits. If Java on the Automation Engine (server) or remote agent (client) is running a newer version while the other is running an older version, the older version of Java is attempting to us a DH key less then 1024 bits while the newer version of Java is restricting the use of less then 1024 bits.
To resolve this error, please match the version of Java that is used by the Automation Engine and Agent.