Troubleshooting
Problem
This document describes how to configure the TLS 1.2 or TLS 1.3 protocol for secure communications in configurations of IBM FileNet Content Manager (FNCM) server components: Content Platform Engine (CPE), Content Search Services (CSS), Configuration Manager User Interface (CMUI), and the Content Platform Engine tools (Process Engine Tools, Content Engine Batch Ingestion (CEBI), and FileNet Deployment Manager (FDM)).
With IBM JRE 8.0.6.25 and higher, when FIPS is enabled, SSL communication errors might occur between IBM FileNet Content Manager services and clients.
- The errors can be seen in Content Search Services (CSS) admin tools failing to connect to the CSS server with the secure port.
- The errors might state that the Content Search Server is not started even though it is running.
- The errors can be seen in the Content Search Services (CSS) containers and the Content Platform Engine (CPE) containers when the Content Platform Engine attempts to connect to a Content Search Server with the secure port.
Symptom
The underlying exceptions that are thrown depend on the SSL version supported by the client JRE.
TLSv1.2: javax.net.ssl.SSLException: Received fatal alert: internal_error
TLSv1.3: javax.net.ssl.SSLHandshakeException: Received fatal alert: protocol_version
The exceptions that a user sees in Administration Console for Content Platform Engine (ACCE) or some other Content Engine clients are:
IBM Content Search Services could not communicate with the server that runs on the <host> <port>
IBM Content Search Services could not run a query because no search server could be found to run the query.
TLSv1.2: javax.net.ssl.SSLException: Received fatal alert: internal_error
TLSv1.3: javax.net.ssl.SSLHandshakeException: Received fatal alert: protocol_version
The exceptions that a user sees in Administration Console for Content Platform Engine (ACCE) or some other Content Engine clients are:
IBM Content Search Services could not communicate with the server that runs on the <host> <port>
IBM Content Search Services could not run a query because no search server could be found to run the query.
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB76","label":"Data Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSNVNV","label":"FileNet Content Manager"},"ARM Category":[{"code":"a8m0z000000blcLAAQ","label":"Java"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"},{"Type":"MASTER","Line of Business":{"code":"LOB76","label":"Data Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSNVNV","label":"FileNet Content Manager"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"},{"Type":"MASTER","Line of Business":{"code":"LOB76","label":"Data Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSNVNV","label":"FileNet Content Manager"},"ARM Category":[{"code":"a8m0z000000cwKPAAY","label":"Application Servers"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Log InLog in to view more of this document
This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.
Was this topic helpful?
Document Information
Modified date:
28 April 2025
UID
ibm16459125