cancel
Showing results for 
Search instead for 
Did you mean: 

Sync 6.0.0.2 console SSL error: it is trying RC4?

UnboundID FredricT
UnboundID
0 Kudos

Sync 6.0.0.2 console SSL error: it is trying RC4?

Geisinger. When using or attempting use the web console, an SSL error shows on the browser - and you must restart the brower and/or Sync in order to get back in. Works for a while then throws the SSL negotiation error saying this server cannot communicate securely... RC4

 

Next- while updating LDAP(source) with a poorly formatted date, the Sync server shutdown reporting an error with Crypto generator.

 

Java 8, checked jre/lib/security/*policy and note the RC4 is not to be used. Yes an app can invoke it if it wants. Also no PWP using RC4. in the DS. Browser is Chrome. O/S is Win2012 patched for RC4 issue.

 

Any idea how this is being generated.

thx

1 REPLY
UnboundID tmasselink
UnboundID
0 Kudos

Re: Sync 6.0.0.2 console SSL error: it is trying RC4?

So we did get this fixed but I thought I would reply just to capture the solution. It wasn't RC4 in particular that it was complaining about. IE just said that it was a weak cipher issue like RC4. Once we had them bring it up in Firefox it was actually the elliptic curve cipher that was the issue. To fix it edit <java home>jre/lib/security/java.security and add the Elliptic Curve algorithms:

 

jdk.tls.disabledAlgorithms=SSLv3, DH keySize < 768, ECDH, ECDHE