Hi Dhinakaran,
The best procedures
@Lars Besselmann suggested.
If you are not able to disable security please check if this certificates files are the same if not take from DMGR Node and copy to Node.
To verify:
./keytool -list -v -keystore <PATH>/key.p12
f.e
./keytool -list -v -keystore /opt/IBM/WebSphere/AppServer/profiles/AppSrv01/config/cells/DefaultCell01/nodes/DefaultNode01/key.p12
Copy from "DMGR Node" key.p12 and trust.p12 of the "Node" if you are using default configuration will be at
"${CONFIG_ROOT}/cells/DefaultCell01/nodes/DefaultNode01/key.p12"
"${CONFIG_ROOT}/cells/DefaultCell01/nodes/DefaultNode01/trust.p12"
* Backup files previusly
To "Node"
PROFILE/etc/
f.e
/opt/IBM/WebSphere/AppServer/profiles/AppSrv01/etc
Hope this helps. Tell us if you need more support
Regards
------------------------------
Gabriel Aberasturi
Versia tecnologias emergentes
------------------------------
Original Message:
Sent: Thu June 30, 2022 05:53 AM
From: Dhinakaran Lakshmanadoss
Subject: Unable to bring up/sync the node agent
Hi,
We are using WebSphere server 8.5.5.8 and Java version is 1.7. Actually when we try to fix a device vuln in one of the server, we changed the protocol from SSL_TLS to TLSv1.2 (which is under SSL certificate and key management -> SSL configuration -> NodeDefaultSSLSettings -> QoP ). After we applied the changes Node Agent went down. Once we realized it, we reverted the changes. Even though, it is not up.
dmgr and node agent is running. But when we execute syncNode.sh, exception occurred (SSLHandShake). We have checked the following files,
1. security.xml (both dmgr and node - have values as SSL_TLS in sslprotocol)
2. ssl.client.props (having SSL_TLS only)
Please advise
Few logs:
Caused by: com.ibm.websphere.management.exception.ConnectorNotAvailableException: [SOAPException: faultCode=SOAP-ENV:Client; msg=Error opening socket: java.io.IOException: Exception during sslSocket.startHandshake: Received fatal alert: handshake_failure; targetException=java.lang.IllegalArgumentException: Error opening socket: java.io.IOException: Exception during sslSocket.startHandshake: Received fatal alert: handshake_failure]
at com.ibm.ws.management.connector.soap.SOAPConnectorClient.reconnect(SOAPConnectorClient.java:429)
at com.ibm.ws.management.connector.soap.SOAPConnectorClient.<init>(SOAPConnectorClient.java:228)
... 39 more
Caused by: [SOAPException: faultCode=SOAP-ENV:Client; msg=Error opening socket: java.io.IOException: Exception during sslSocket.startHandshake: Received fatal alert: handshake_failure; targetException=java.lang.IllegalArgumentException: Error opening socket: java.io.IOException: Exception during sslSocket.startHandshake: Received fatal alert: handshake_failure]
at org.apache.soap.transport.http.SOAPHTTPConnection.send(SOAPHTTPConnection.java:475)
at org.apache.soap.rpc.Call.WASinvoke(Call.java:510)
at com.ibm.ws.management.connector.soap.SOAPConnectorClient$4.run(SOAPConnectorClient.java:387)
at com.ibm.ws.security.util.AccessController.doPrivileged(AccessController.java:118)
at com.ibm.ws.management.connector.soap.SOAPConnectorClient.reconnect(SOAPConnectorClient.java:372)
... 40 more[6/23/22 5:46:08:077 CDT] 00000001 AdminTool E ADMU0111E: Program exiting with error: com.ibm.websphere.management.exception.ConnectorException: ADMC0016E: The system cannot create a SOAP connector to connect to host {server_name} at port 8878.
at com.ibm.websphere.management.AdminClientFactory.createAdminClientPrivileged(AdminClientFactory.java:635)
at com.ibm.websphere.management.AdminClientFactory.access$000(AdminClientFactory.java:127)
at com.ibm.websphere.management.AdminClientFactory$1.run(AdminClientFactory.java:210)
at com.ibm.ws.security.util.AccessController.doPrivileged(AccessController.java:63)
at com.ibm.websphere.management.AdminClientFactory.createAdminClient(AdminClientFactory.java:206)
at com.ibm.ws.management.tools.AbstractNodeConfigUtility.getAdminClient(AbstractNodeConfigUtility.java:204)
at com.ibm.ws.management.tools.NodeSyncUtility.runTool(NodeSyncUtility.java:155)
at com.ibm.ws.management.tools.AdminTool.executeUtility(AdminTool.java:271)
at com.ibm.ws.management.tools.NodeSyncUtility.main(NodeSyncUtility.java:69)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:95)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:56)
at java.lang.reflect.Method.invoke(Method.java:620)
at com.ibm.wsspi.bootstrap.WSLauncher.launchMain(WSLauncher.java:234)
at com.ibm.wsspi.bootstrap.WSLauncher.main(WSLauncher.java:96)
at com.ibm.wsspi.bootstrap.WSLauncher.run(WSLauncher.java:77)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:95)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:56)
at java.lang.reflect.Method.invoke(Method.java:620)
at org.eclipse.equinox.internal.app.EclipseAppContainer.callMethodWithException(EclipseAppContainer.java:587)
at org.eclipse.equinox.internal.app.EclipseAppHandle.run(EclipseAppHandle.java:198)
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.runApplication(EclipseAppLauncher.java:110)
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.start(EclipseAppLauncher.java:79)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:369)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:179)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:95)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:56)
at java.lang.reflect.Method.invoke(Method.java:620)
at org.eclipse.core.launcher.Main.invokeFramework(Main.java:340)
at org.eclipse.core.launcher.Main.basicRun(Main.java:282)
at org.eclipse.core.launcher.Main.run(Main.java:981)
at com.ibm.wsspi.bootstrap.WSPreLauncher.launchEclipse(WSPreLauncher.java:401)
at com.ibm.wsspi.bootstrap.WSPreLauncher.main(WSPreLauncher.java:164)
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:86)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:58)
at java.lang.reflect.Constructor.newInstance(Constructor.java:542)
at com.ibm.websphere.management.AdminClientFactory.createAdminClientPrivileged(AdminClientFactory.java:457)
... 34 more
Caused by: com.ibm.websphere.management.exception.ConnectorNotAvailableException: [SOAPException: faultCode=SOAP-ENV:Client; msg=Error opening socket: java.io.IOException: Exception during sslSocket.startHandshake: Received fatal alert: handshake_failure; targetException=java.lang.IllegalArgumentException: Error opening socket: java.io.IOException: Exception during sslSocket.startHandshake: Received fatal alert: handshake_failure]
at com.ibm.ws.management.connector.soap.SOAPConnectorClient.reconnect(SOAPConnectorClient.java:429)
at com.ibm.ws.management.connector.soap.SOAPConnectorClient.<init>(SOAPConnectorClient.java:228)
... 39 more
Caused by: [SOAPException: faultCode=SOAP-ENV:Client; msg=Error opening socket: java.io.IOException: Exception during sslSocket.startHandshake: Received fatal alert: handshake_failure; targetException=java.lang.IllegalArgumentException: Error opening socket: java.io.IOException: Exception during sslSocket.startHandshake: Received fatal alert: handshake_failure]
at org.apache.soap.transport.http.SOAPHTTPConnection.send(SOAPHTTPConnection.java:475)
, resulting from: [SOAPException: faultCode=SOAP-ENV:Client; msg=Error opening socket: java.io.IOException: Exception during sslSocket.startHandshake: Received fatal alert: handshake_failure; targetException=java.lang.IllegalArgumentException: Error opening socket: java.io.IOException: Exception during sslSocket.startHandshake: Received fatal alert: handshake_failure]
[6/23/22 5:46:08:082 CDT] 00000001 AdminTool A ADMU4123E: Ensure that the Deployment Manager is running on the specified host and port. Also ensure that the security configuration in ssl.client.props on the node is compatible with the Deployment Manager.
[6/23/22 5:46:08:082 CDT] 00000001 AdminTool A ADMU1211I: To obtain a full trace of the failure, use the -trace option.
[6/23/22 5:46:08:083 CDT] 00000001 AdminTool A ADMU0211I: Error details may be seen in the file:
------------------------------
Dhinakaran Lakshmanadoss
------------------------------