000019963 - Error: 'The data is invalid' appears in web browser when using RSA ClearTrust

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000019963
Applies ToRSA ClearTrust 4.6.1 Authorization Server (AServer)
RSA ClearTrust 4.6.1 Dispatcher/Key Server
RSA ClearTrust Agent 4.7.1 for Microsoft IIS
IssueError: "The data is invalid" appears in web browser when using RSA ClearTrust
Error: "SSL write failed: error 1, written-1" appears in RSA ClearTrust IIS plugin's DBWin32.exe debug utility
Error: "MSG: UNKNOWN_MSG_TYPE  MuxTransportManager.startReaderThread(): got IOException MuxServer: Socket shutdown, connection closed TcpServer: mux socket closed." appears in the ClearTrust Authorization server debug logs
CauseSSL configuration between ClearTrust 4.7.1 plugin and 4.6.1 dispatcher & authorization server are misconfigured. The most likely scenario is that the ClearTrust server is configured to not require authenticated SSL, but the ClearTrust plugin is configured for authenticated SSL.
ResolutionExamine the SSL settings in the Default.conf file on the ClearTrust 4.6.1 server and the webagent.conf file on the ClearTrust 4.7.1 Web server plugin. If SSL is enabled in the ClearTrust server's Default.conf file, but the parameter "securecontrol.net.ssl.require_authentication" is set to "no" or "false", the server will expect an anonymous SSL connection from the plugins. Anonymous SSL is configured on the ClearTrust 4.7.1 plugin by setting the webagent.conf parameter "cleartrust.agent.ssl.use" to "yes" or "true" and leaving the following keystore and password parameters blank. If a valid key store file and password is supplied, the plugin will use authenticated SSL. In this case, the ClearTrust server's Default.conf file parameter "securecontrol.net.ssl.require_authentication" will need to be set to "yes" or "true".
Legacy Article IDa13452