Absent Member.
Absent Member.
362 views

Handshake_failure with ArcSight Web

When running the following command /data/arcsight/Web/bin/runwebsetup.sh, we are configuring for FIPS with Suite B 192 bits[TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA], we are using the instructions from the ESM Installation Guide, we get an the following error when trying to connect the ArcSight Manager.

We have imported the Manager cert into the ArcSight Web webnssdb folder.  However, we are still unable to get passed the portion below.

See below.

Connecting to ArcSight Manager
FATAL EXCEPTION:
com.arcsight.manager.ConnectionException: Error while executing command: Received fatal alert: handshake_failure
        at com.arcsight.manager.XmlRpcManager.privateExecute(XmlRpcManager.java:570)
        at com.arcsight.manager.XmlRpcManager.execute(XmlRpcManager.java:273)
        at com.arcsight.authz.AuthorizationManager.loginAndReturnValue(AuthorizationManager.java:237)
        at com.arcsight.install.installweb.WebConfigurationWizard.loginToManager(WebConfigurationWizard.java:815)
        at com.arcsight.install.installweb.WebConfigurationWizard.access$1500(WebConfigurationWizard.java:48)
        at com.arcsight.install.installweb.WebConfigurationWizard$8.processNext(WebConfigurationWizard.java:612)
        at com.arcsight.install.wizard.WizardProcessorBase.process(WizardProcessorBase.java:498)
        at com.arcsight.install.wizard.console.BaseWizardPanelImpl.r(BaseWizardPanelImpl.java:128)
        at com.arcsight.install.wizard.console.WizardParameterPanelImpl.ask(WizardParameterPanelImpl.java:72)
        at com.arcsight.install.wizard.console.BaseWizardPanelImpl.run(BaseWizardPanelImpl.java:75)
        at com.arcsight.install.wizard.console.WizardParameterPanelImpl.run(WizardParameterPanelImpl.java:23)
        at java.lang.Thread.run(Thread.java:662)
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
        at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1606)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:885)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1049)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1076)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1060)
        at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
        at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1014)
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230)
        at helma.xmlrpc.XmlRpcClient$Worker.execute(Unknown Source)
        at helma.xmlrpc.XmlRpcClient.execute(Unknown Source)
        at com.arcsight.manager.XmlRpcManager.privateExecute(XmlRpcManager.java:452)
        ... 11 more

Please provide assistance.  This issue needs to be resolved ASAP, for we are on a tight schedule to get this installed and configured properly to meet proper deadlines.

Sincerely,

David Pankey

410-854-9582 home

david.l.pankey@ugov.gov

Labels (1)
Tags (4)
0 Likes
Reply
1 Reply
Highlighted
Absent Member.
Absent Member.

Re: Handshake_failure with ArcSight Web

Hello David,

are you using any Virtualisation in your ESM Environment?

Also: ./$ARCSIGHT/jre/bin/java -version    

Is this Java 7?

I have seen this behaviour before on other Webservers using Java 7.

Best Regards,

Christoph

0 Likes
Reply
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.