ETPKI Handshake Error in Selang

Document ID : KB000005926
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

When in the selang environment and attempting to host to another system, an error is generated regarding a handshake failure.

Example:

# selang

AC> host DMS__@entm.domain.com

Handshake failed ETPKI socket error(0X110001) 

Cause:

The issue occurs due to the two instances having a different communication modes on each system. One system is configured for SSL communication while the other is not, which causes a handshake error between systems.

Resolution:

To resolve the issue, ensure that the communication_mode value matches for both systems.

 

On Linux:

1- Stop PIM daemons.

2- Open seos.ini and go to the crypto section.

3- Change communication_mode to the desired value.

 

On Windows:

1- Stop PIM services.

2- Open regedit and look for the section below.

HKEY_LOCAL_MACHINE\Software\ComputerAssociates\AccessControl\crypto

3- Change communication_mode to the desired value.

Additional Information:

For more information regarding communication_mode and other cryptography configurations, please refer to the Implementation Guide.

Linux: https://docops.ca.com/ca-privileged-identity-manager/12-9-01/EN/reference/configuration-files/the-seos-ini-initialization-file/crypto

Windows: https://docops.ca.com/ca-privileged-identity-manager/12-9-01/EN/reference/registry/crypto-windows