Blog | G5 Cyber Security

Cannot install or use ssoadm in AM 5, 5.5, 5.5.1, 6.0.0.x, 6.5.0 and 6.5.0.1 after restricting configuration store (DS) cipher suites or Java upgrade

You can enable SSL debug logging for ssoadm as described in FAQ: SSL certificate management in DS 5.x or 6.x. You can see errors similar to the following in the DS server.out log: Initialized: [Session-7, SSL_NULL_WITH_NULL] LDAPS 0.0.0 port 40636(2) SelectorRunner, SEND TLSv1.2 ALERT: Fatal, description = handshake_failure. Using SSLEngineImpl: Allow unsafe renegotiation: false 1321 Allow legacy hello messages: true 1323 Is initial handshake: true.”]

Source: https://backstage.forgerock.com/knowledge/kb/article/a39099709

Exit mobile version