Article Content
Article Number | 000037678 |
Applies To | RSA Product Set: SecurID RSA Product/Service Type: Authentication Manager, Authentication Manager Prime RSA Version/Condition: 8.4 |
Issue | After upgrading to RSA Authentication Manager 8.4, users aren't able to login to the Authentication Manager Prime Help Desk Admin Portal (HDAP) and/or Self Service Portal (SSP). If you check the log file <AMIS_installation_directory>/logs/am8.log, the following error will appear: Could not access HTTP invoker remote service at [/ims-ws/httpinvoker/CommandServer]; nested exception is javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure |
Cause | RSA Authentication Manager 8.4 mandates TLS 1.2 in strict mode. Java versions prior to JRE/JDK 8.x do not. When AMIS running JRE 7 or older sends a client hello using a protocol other than TLS 1.2 to Authentication Manager 8.4 during the SSL handshake, Authentication Manager refuses to complete the handshake. |
Resolution | Follow these steps to resolve this issue:
|