Failing to access Identity Router IDR Web resource after IDR v2.17 update
Identity Router v2.17 update. ( Jan Release)
The IDR web resource are not accessible and are failing with following error in /var/log/symplified/*-error.log file. [ssl:info] AH02008: SSL library error 1 in handshake [ssl:info] SSL Library Error: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher – Too restrictive SSLCipherSuite or using DSA server certificate? [ssl:info] AH01998: Connection closed to child 20 with abortive shutdown
In IDR v2.17: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d) [openssl name - AES256-SHA256] and TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) [openssl name- AES256-SHA] are broken and fix is being pushed as part of Cloud Feb release.
If client apps in customer environment (browser/REST clients) are having only these two common ciphers in their cipher suites, the IDR web resource will be inaccessible due to no shared cipher.
These 2 ciphers will be fixed as part of Cloud Feb release 2023