|Applies To||AM 7.1 SP4|
|Issue||When attempting to access the security and operations consoles in AM 7.1, you encounter one of the following error:|
In Firefox, it states:
Secure Connection Failed
An error occurred during a connection to <hostname>:7004. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
In IE, it states:
This page can’t be displayed
Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to https://<hostname>:7004 again. If this error persists, contact your site administrator.
In Chrome, it states:
This webpage is not available
Click on the details hyper-link, it says: A secure connection cannot be established because this site uses an unsupported protocol.
AM 7.1 reached end-of-life on December 31st. Please upgrade to at least AM 7.1 SP4 Patch 36 or migrate to the latest version of AM 8.1 to get the fix for this issue.
In AM 7.1 SP4 Patch 36, it contains the following fix:
AM-28570 - Limits certain ports used for https browser connections to use only TLSv1. This addresses the POODLE vulnerability (CVE-2014-3566) associated with padding in messages encrypted by CBC ciphers under SSLv3. This fix must be applied to all primary and replica systems.
|Workaround||Workaround in Firefox|
Enter "about:config" (without quotes) in the addressbar, and change the following values
security.tls.version.min set it to 0
security.tls.version.fallback-limit set it to 0
After saving these changes, please try to access the security and/or operations console again. Once the AM environment has upgraded to at least AM 7.1 SP4 Patch 36, please revert the changes made in Firefox.
**Please note that this may technically lower the security of the browser so it is advised to load patch 36 (or newer) as soon as possible.