Reset Search
 

 

Article

KB11728 - The Events log is displaying SSL negotiation failed messages

« Go Back

Information

 
Last Modified Date1/5/2016 2:21 AM
Synopsis
This article describes the issue of the SSL negotiation failed messages being displayed in the Events log, after upgrading an PCS device.
Problem or Goal
What is causing the error and Is there a way to correct it?
Cause
Solution
This is a new message, which was implemented in the PCS OS for 6.0R4, 6.1R3, and 6.2R1 and later versions of the PCS OS:
Minor      AUT24604  <date> <time> - ive - [<IP>] IVSname::System()[] - SSL negotiation failed while client at source IP '<IP>' was trying to connect to '<IP>' . Reason:<reason_inserted_if_available>'

This occurs due to the client trying to negotiate a connection, by using an unsupported piece of the SSL connection. This could be the initial SSL version or protocol, which was attempted. For example, if you enable SSL v3 and TLS v1 and the client connects (only or initially) with SSL v2, you will see this message.

There is no concern with this message; however, it can be disabled, if you do not want to have this message occurring frequently in the log file. To disable:
 
  1. Enable the Do not allow connections from browsers that only accept weak ciphers option, which is located under System > Configuration > Security.
 
  • Disable Connection Requests, which is located under System > Log/Monitoring > Events Log > Settings.

The reason string will be blank, if there is no additional information available beyond that the failure occurred. There are multiple attempts logged per user per connection. Each client connection will also generate this message.
Related Links
Attachment 1 
Created ByData Deployment

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255