IBM Support

DPWIV1217W received when TAM Webseal ssl junction created to RSA on Weblogic

Troubleshooting


Problem

Below messages are logged when TAM Webseal ssl junction is created to RSA on Weblogic server DPWWA1222E A third-party server is not responding. Possible causes: the server is down, there is a hung application on the server, or network problems. This is not a problem with the WebSEAL Server. DPWIV1217W SSL connection error. Created junction at /jct1

Symptom

'junction show /jct1' command shows

Server State: not running
Operational State: Online

Diagnosing The Problem

gskit trace show below error


121018|09:49:34|    572b|      90|       <S_Read()
121018|09:49:34|    572b|      90|      <ReadV3Msg()
121018|09:49:34|    572b|      90|      sslv3.cpp[4504]
       Alert Description: 2 20
121018|09:49:34|    572b|      90|      sslv3.cpp[4529]
       Received Alertlevel_Fatal.
121018|09:49:34|    572b|      90|      sslv3.cpp[4552]
       Alert : SSL_Bad_Record_Mac
121018|09:49:34|    572b|      90|     <ProcessAlertMsg()
121018|09:49:34|    572b|      90|    <SSL_Receive()
121018|09:49:34|    572b|      90|   <SSLV3_Handshake()
121018|09:49:34|    572b|      90|   >old2newerr(gskssl.cpp[1161])
121018|09:49:34|    572b|      90|    gskssl.cpp[1179]
     Old error[ -22 ] converted to new error [ 420 ]

Resolving The Problem

Set below parameters webseal.conf [junction] stanza

disable-ssl-v2 = yes

disable-tls-v1 = yes

[{"Product":{"code":"SSPREK","label":"Tivoli Access Manager for e-business"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"WebSEAL","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"Version Independent","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Historical Number

83750;000;834

Product Synonym

WebSEAL;TAMeb

Document Information

Modified date:
16 June 2018

UID

swg21615018

Page Feedback