KB Article #180849
Sentinel log showing the following error - “no cipher suites in common” and EventRouter not able to send data
Problem
[Problem] : After updating Sentinel 4.2 SP17 or higher the following errors can be seen when using SSL data transfer from SentinelEventRouter to Sentinel.
Observation: SentinelEventRouter is no longer able to send SSL data to the Sentinel . Error shown - “no cipher suites in common” within SENTINEL.LOG file
SentinelEventRouter shows this error within LOG.DAT file:
20200215 210141 001 NETS E COMMER SSL Handshake error : alert=Handshake failure: sslv3 alert handshake failure (40)
Sentinel shows this error within SENTINEL.LOG file.
DEBUG L276 SocketEventReceiverTask.call - Fail: R=0 W=0{p=0) Lost=0 socket:Remote = server.name.com:34348 local = server.name.com: 1305 no cipher suites in common
Resolution
[ Solution] : SentinelEventRouter needs the configuration default value for SSL_CIPHER_SUITE to have a stricter level by adding the following values:
49199,49200 within the conf/sslconf.ini file
For example:
SSL_CIPHER_SUITE = 49199,49200,156,60,47
A restart of SentinelEventRouter is necessary after the above change.
The documentation for these changes can be found in 2 locations:
- Sentinel 4.2 SP17 Readme: “enhance cipher suite list allowed in Sentinel Server”:
https://support.axway.com/en/downloads/readme/id/1443644
- This doc correlates the values (49199,49200) with the CIPHERS characteristics: