After upgrading to RSA Authentication Manager 8.4, users aren't able to login to the Authentication Manager Prime Help Desk Admin Portal (HDAP) and/or Self Service Portal (SSP). If you check the log file <AMIS_installation_directory>/logs/am8.log, the following error will appear:
Could not access HTTP invoker remote service at [/ims-ws/httpinvoker/CommandServer]; nested exception is javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
RSA Authentication Manager 8.4 mandates TLS 1.2 in strict mode. Java versions prior to JRE/JDK 8.x do not. When AMIS running JRE 7 or older sends a client hello using a protocol other than TLS 1.2 to Authentication Manager 8.4 during the SSL handshake, Authentication Manager refuses to complete the handshake.
Follow these steps to resolve this issue:
Download and Install Java JRE 8 or higher on the system where Authentication Manager Prime is installed.
Stop all Authentication Manager Prime services (i.e., AMIS, SSP, HDAP).