IBM Security Verify

 View Only

After upgrading from ISAM 905 to 1031, ISAM reverseProxy issuing "Encrypted Alert" and Resetting the connection with client.

  • 1.  After upgrading from ISAM 905 to 1031, ISAM reverseProxy issuing "Encrypted Alert" and Resetting the connection with client.

    Posted Thu April 21, 2022 07:52 AM
    After upgrading from ISAM 905 to 1031, have noticed ISAM reverseProxy issuing "Encrypted Alert" and Resetting the connection with client.


    If you see above Client (140.168.254.162) has sent Application Data, ISAM ReverseProxy instead of Acknowledging this packet, is issuing "Encrypted Alert" and then Resetting the connection.  Is this behavior "Normal" ? I believe in 905 the same scenario is working fine.

    I have gone through some articles around similar errors, which talks about adding a property in ldap.conf.

    [ldap]
    ldap-ssl-set-extn-sigalg = GSK_TLS_SIGALG_RSA_WITH_SHA1,GSK_TLS_SIGALG_DSA_WITH_SHA1,GSK_TLS_SIGALG_ECDSA_WITH_SHA1,GSK_TLS_SIGALG_RSA_WITH_SHA224,GSK_TLS_SIGALG_ECDSA_WITH_SHA224,GSK_TLS_SIGALG_RSA_WITH_SHA256,GSK_TLS_SIGALG_ECDSA_WITH_SHA256,GSK_TLS_SIGALG_RSA_WITH_SHA384,GSK_TLS_SIGALG_ECDSA_WITH_SHA384,GSK_TLS_SIGALG_RSA_WITH_SHA512,GSK_TLS_SIGALG_ECDSA_WITH_SHA512

    After modifying ldap.conf, you need to save, deploy and restart runtime/reverse proxy.

    But the above is when ISAM ReverseProxy is having issues in connecting to LDAP/AD.

    Will you provide some guidance on how to debug this issue. No errors are logged in Webseal messages.log

    Thanks.

    ------------------------------
    Ajay Shedge
    ------------------------------