|Applies To||RSA ClearTrust 5.0.1 Authorization Server (AServer)|
|Issue||Error: "SSL handshake failed: Bad hello. Probably not an SSL connection." in RSA ClearTrust|
The displatcher.log file shows the following error message:
2003-07-08 13:05:34:734 MDT,Event Type = ,Error,Event Description = ,Error handling client connection,Error = ,java.io.IOException: the SSL handshake failed: Bad hello. Probably not an SSL connection
|Cause||A ClearTrust Agent or auth server is attempting to contact the dispatcher using CLEAR authentication when the dispatcher is configured for ANON or AUTH|
|Resolution||To correct this issue, ensure that all Web agents are configured with the correct setting for cleartrust.agent.ssl.use= parameter.|
Also, ensure that all auth servers are configured with the correct setting for cleartrust.net.ssl.use= parameter.
Lastly, ensure there are no unknown or unauthorized Web agents attempting to contact the dispatcher. Use 'netstat' or packet trace to identify connections on port 5606 from deprecated agents. To identify location of offending Web agnet, use netstat to look for unknown hosts connecting to the dispatcher server on port 5608.
|Workaround||Installed RSA ClearTrust Agent|
|Legacy Article ID||a17832|