KB Article #179043
[ERROR]Algorithm constraints check failed: MD5withRSA
Problem
Connection between Gateway and SecureRelayRA fails with the following in router.log:
Communicator : [MA x.x.x.x/x.x.x.x:yyy]: Terminating connection
javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1431)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:535)
at sun.security.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1214)
...
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1728)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:304)
...
Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Algorithm constraints check failed: MD5withRSA
Resolution
Remove MD5 from JRE_HOME/lib/security/java.security for the following properties :
jdk.certpath.disabledAlgorithms
jdk.tls.disabledAlgorithms
and restart SecureRelay and Gateway.