KB Article #180849

Sentinel log showing the following error - “no cipher suites in common” and EventRouter not able to send data

Problem

[Problem] : After updating Sentinel 4.2 SP17 or higher the following errors can be seen when using SSL data transfer from SentinelEventRouter to Sentinel.

Observation: SentinelEventRouter is no longer able to send SSL data to the Sentinel . Error shown - “no cipher suites in common” within SENTINEL.LOG file

SentinelEventRouter shows this error within LOG.DAT file:
20200215 210141 001 NETS E COMMER SSL Handshake error : alert=Handshake failure: sslv3 alert handshake failure (40)

Sentinel shows this error within SENTINEL.LOG file.

DEBUG L276 SocketEventReceiverTask.call - Fail: R=0 W=0{p=0) Lost=0 socket:Remote = server.name.com:34348 local = server.name.com: 1305 no cipher suites in common



Resolution

[ Solution] : SentinelEventRouter needs the configuration default value for SSL_CIPHER_SUITE to have a stricter level by adding the following values:

49199,49200 within the conf/sslconf.ini file

For example:

SSL_CIPHER_SUITE = 49199,49200,156,60,47

A restart of SentinelEventRouter is necessary after the above change.

The documentation for these changes can be found in 2 locations:

  1. Sentinel 4.2 SP17 Readme: “enhance cipher suite list allowed in Sentinel Server”:

https://support.axway.com/en/downloads/readme/id/1443644

  1. This doc correlates the values (49199,49200) with the CIPHERS characteristics:

https://docs.axway.com/bundle/TransferCFT_35_UsersGuide_allOS_en_HTML5/page/Content/Security/manage_cipher_suites.htm

Still need help?

If this information wasn't helpful to you, just drop us a line. We'll get back to you as soon as possible.