Back-up failing after running network vulnerability scanner against Authentication Manager
Originally Published: 2017-06-30
Article Number
Applies To
RSA Product Set: SecurID
RSA Version/Condition: 8.0, 8.1, 8.2, 8.2 SP1, 8.2 SP1 P1
Issue
After running network vulnerability scanner against Authentication Manager or RADIUS ports backup failing.
The following error message "Unable to read RADIUS object -Could not create SSL Socket" is displayed in System Log report as per below logs:
com.rsa.ims.operationsconsole.admin.taskmgr.TaskExecutionException: Failed to perform a RADIUS backup., at com.rsa.ims.operationsconsole.admin.backup.tasks.RadiusBackupTask.execute(RadiusBackupTask.java:100), at com.rsa.ims.operationsconsole.admin.backup.tasks.RadiusBackupTask$$FastClassBySpringCGLIB$$2b80a329.invoke(<generated>), at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204), at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:700), at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150), at org.springframework.aop.aspectj.AspectJAfterThrowingAdvice.invoke(AspectJAfterThrowingAdvice.java:55), at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172), at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:91), at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172), at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:633), at com.rsa.ims.operationsconsole.admin.backup.tasks.RadiusBackupTask$$EnhancerBySpringCGLIB$$472d27eb.execute(<generated>), at com.rsa.ims.operationsconsole.admin.backup.scheduler.service.AsyncBackupJobWorkerImpl.execute(AsyncBackupJobWorkerImpl.java:231), at sun.reflect.GeneratedMethodAccessor451.invoke(Unknown Source), at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43), at java.lang.reflect.Method.invoke(Method.java:606), at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317), at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183), at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150), at org.springframework.aop.interceptor.AsyncExecutionInterceptor$1.call(AsyncExecutionInterceptor.java:95), at java.util.concurrent.FutureTask.run(FutureTask.java:262), at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145), at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615), at java.lang.Thread.run(Thread.java:745),Caused by: com.rsa.authmgr.radius.migration.command.exception.RADIUSMigrationException: com.rsa.authmgr.radius.exception.RadiusSystemException: Unable to read RADIUS object -Could not create SSL Socket, at com.rsa.authmgr.radius.internal.migration.impl.RADIUSMigrationServiceImpl.exportRADIUSData(RADIUSMigrationServiceImpl.java:254), at com.rsa.ims.operationsconsole.admin.backuprestore.RadiusBackupHelper.executeBackup(RadiusBackupHelper.java:146), at com.rsa.ims.operationsconsole.admin.backup.tasks.RadiusBackupTask.performRadiusBackup(RadiusBackupTask.java:128), at com.rsa.ims.operationsconsole.admin.backup.tasks.RadiusBackupTask.execute(RadiusBackupTask.java:89), ... 22 more,Caused by: com.rsa.authmgr.radius.exception.RadiusSystemException: Unable to read RADIUS object -Could not create SSL Socket, at com.rsa.authmgr.internal.radius.sbr.xui.impl.XUIAccessImpl.getDataAsStream(XUIAccessImpl.java:437), at com.rsa.authmgr.radius.internal.migration.impl.RADIUSMigrationServiceImpl.exportRADIUSData(RADIUSMigrationServiceImpl.java:246), ... 25 more,Caused by: java.lang.RuntimeException: Could not create SSL Socket, at com.rsa.authmgr.internal.radius.sbr.xui.ssl.XUISSLSocketFactory.initSSLSocket(XUISSLSocketFactory.java:87), at com.rsa.authmgr.internal.radius.sbr.xui.ssl.XUISSLSocketFactory.createSocket(XUISSLSocketFactory.java:59), at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:706), at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:386), at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:170), at org.apache.commons.httpcliWorkaround
If there is a corporate or governmental policy which requires scanning of the ports, the implementation of the policy will need to include a reboot of Authentication Manager Server after the completion of the scan.
Related Articles
Best practices for running vulnerability scans against RSA Authentication Manager 8.x Number of Views Apache vulnerability 'Apache HTTP Server mod_rewrite' from scan Number of Views Spring-related vulnerabilities for RSA Authentication Manager Number of Views CERT/CC Vulnerability Note VU#144389: Potential Impact on RSA Products Number of Views KCA Apache web server showing security vulnerability with scan due patch level/version Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
