AWS AFX Connector "SSLHandshakeException: Could not generate secret" error in RSA Governance & Lifecycle
Article Number
Applies To
- Securid Governance & Lifecycle 7.5.2
- RSA Governance & Lifecycle 8.0.0
Issue
2024-02-30 16:15:12.064 [ERROR] com.aveksa.AFX.server.runtime.esb.amazonaws.esb.AmazonAWSComponent:361 - Unable to execute HTTP request: Could not generate secret com.amazonaws.SdkClientException: Unable to execute HTTP request: Could not generate secret ... Caused by: javax.net.ssl.SSLHandshakeException: Could not generate secret at sun.security.ssl.ECDHKeyExchange$ECDHEKAKeyDerivation.t13DeriveKey(ECDHKeyExchange.java:479)
Cause
Resolution
- RSA Governance & Lifecycle 8.0.0 P02
Workaround
In the following version
- Securid Governance & Lifecycle 7.5.2
Edit the /home/oracle/AFX/esb/conf/wrapper.conf
At line 31 in wrapper.conf insert the following line.
wrapper.java.additional.11=-Djdk.tls.client.protocols=TLSv1.2
Restart AFX for the changes to take effect.
This modification must be done if you patch 7.5.2 or redeploy a new AFX instance on 7.5.2
(Customers on 8.0.0 version should patch to the latest patch.)
Related Articles
AWS collector fails with NoClassDefFoundError Number of Views AWS Workspaces - RSA Ready Implementation Guide Number of Views AWS IAM Identity Center CloudWatch - SAML Relying Party Configuration - RSA Ready Implementation Guide Number of Views AWS IAM Identity Center CloudWatch - SAML My Page SSO Configuration - RSA Ready Implementation Guide Number of Views AWS Amazon Cognito - SAML Relying Party Configuration - RSA Ready Implementation Guide Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory Mandatory Certificate Upgrade Required by 6th October 2025 for RSA MFA Agent for PAM, RSA MFA Agent for Apache, and Third … RSA Authentication Manager 8.9 Release Notes (January 2026)
Don't see what you're looking for?
