000035497 - RSA Authentication Manager 8.2 SDK - Error "General SSLEngine problem; No available router to destination"

Document created by RSA Customer Support Employee on Sep 4, 2017
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000035497
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager SDK Java
RSA Version/Condition: 8.2
 
IssueWhen running Authentication Manager SDK with Java code, you are getting the below error message
 
ERROR, win7x64-0-1.rsasvcs.lab.emc.com,,,,Unable to connect to command server for command execution.t3s://am82p.vcloud.local:7002: Destination 192.168.2.50, 7002 unreachable; nested exception is: 
javax.net.ssl.SSLHandshakeException: General SSLEngine problem; No available router to destination
ERROR: com.rsa.common.SystemException: Failed to connect with command server
at com.rsa.command.EJBRemoteTargetBase.executeCommand(EJBRemoteTargetBase.java:163)
at com.rsa.command.DelegatingCommandTarget.executeCommand(DelegatingCommandTarget.java:66)
at com.rsa.command.TargetableCommand.execute(TargetableCommand.java:297)
at com.rsa.authn.LoginCommand.execute(LoginCommand.java:611)
at com.rsa.authn.AuthenticatedTargetImpl.login(AuthenticatedTargetImpl.java:158)
at com.rsa.command.ConnectionFactory$ConnectionImpl.connect(ConnectionFactory.java:758)
at com.rsa.command.ConnectionFactory$ConnectionImpl.connect(ConnectionFactory.java:740)
at com.rsa.samples.admin.AdminAPIDemos.main(AdminAPIDemos.java:1374)
Caused by: javax.naming.CommunicationException: t3s://am82p.vcloud.local:7002: Destination 192.168.2.50, 7002 unreachable; nested exception is:
javax.net.ssl.SSLHandshakeException: General SSLEngine problem; No available router to destination [Root exception is java.net.ConnectException: t3s://am82p.vcloud.local:7002: Destination 192.168.2.50, 7002 unreachable; nested exception is:

javax.net.ssl.SSLHandshakeException: General SSLEngine problem; No available router to destination]
at weblogic.jndi.internal.ExceptionTranslator.toNamingException(ExceptionTranslator.java:40)
at weblogic.jndi.WLInitialContextFactoryDelegate.toNamingException(WLInitialContextFactoryDelegate.java:808)
at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:363)
at weblogic.jndi.Environment.getContext(Environment.java:319)
at weblogic.jndi.Environment.getContext(Environment.java:288)
at weblogic.jndi.Environment.createInitialContext(Environment.java:211)
at weblogic.jndi.Environment.getInitialContext(Environment.java:195)
at weblogic.jndi.Environment.getInitialContext(Environment.java:173)
at com.rsa.ims.command.weblogic.WebLogicInitialContextFactory.getInitialContext(WebLogicInitialContextFactory.java:146)
at com.rsa.command.EJBRemoteTarget$LookupEjb30.run(EJBRemoteTarget.java:552)
at com.rsa.command.EJBRemoteTarget$LookupEjb30.run(EJBRemoteTarget.java:1)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.security.Security.runAs(Security.java:61)
at com.rsa.command.WebLogicSecurityContextWrapper.runAs(WebLogicSecurityContextWrapper.java:51)
at com.rsa.command.EJBRemoteTarget.internalGetCommandServer(EJBRemoteTarget.java:369)
at com.rsa.command.EJBRemoteTarget.refreshCachedCommandServer(EJBRemoteTarget.java:350)
at com.rsa.command.EJBRemoteTarget.getCommandServer(EJBRemoteTarget.java:295)
at com.rsa.command.EJBRemoteTargetBase.executeCommand(EJBRemoteTargetBase.java:161)
... 7 more

 
CauseThis error is due to either wrong root certificate was imported into the keystore for remote API clients or no argument was set when running the code.
Resolution
  1. First, confirm you exported the correct root certificate from the server, and import it into the keystore for remote API clients. (check developer guide on how to do that)
  2. Add the Argument when running the code
Dweblogic.security.SSL.trustedCAKeyStore="keystore_file MyClass"
Example:
  • Using CLI
java -classpath classes;am-client.jar;axis.jar;axis-jaxrpc.jar;axis-saaj.jar;commons-beanutils.jar;commons-discovery.jar;commons-lang.jar;commons-logging.jar;iScreen.jar;iScreen-ognl.jar;log4j.jar;ognl.jar;spring-aop.jar;spring-asm.jar;spring-beans.jar;spring-context.jar;spring-context-support.jar;spring-core.jar;spring-expression.jar;wlfullclient.jar;wsdl4j.jar-Dweblogic.security.SSL.trustedCAKeyStore="keystore_file MyClass"
  • Using Eclipse
User-added image

Attachments

    Outcomes