SSL0222W when using specific ciphers on Apache

Document ID : KB000100302
Last Modified Date : 06/06/2018
Show Technical Document Details
Issue:
We have restricted the number of available TLSv12 ciphers that can be used in our Apache web server.
When trying to connect from a Web Client to zPM which runs under the Apache server, we get an error:
SSL0222W: SSL Handshake Failed, No ciphers specified (no shared ciphers or no shared protocols) 
Environment:
zPM or CA Dynamic Capacity Intelligence
Cause:
The problem is not on zPM (or CA Dynamic Capacity Intelligence) side but it's related to the old version of the WEB Client (Firefox) that is used to run the zPM (or CA Dynamic Capacity Intelligence) GUI.
This old version doesn't support the new ciphers. 
Resolution:
The only solution is upgrading to a newer version of Web Client that support the specific ciphers.
Additional Information:
These ciphers fail:
SSL0320I: Using TLSv12 Cipher: TLS_RSA_WITH_AES_256_GCM_SHA384(9D) 
SSL0320I: Using TLSv12 Cipher: TLS_RSA_WITH_AES_256_CBC_SHA256(3D) 
SSL0320I: Using TLSv12 Cipher: TLS_RSA_WITH_AES_128_GCM_SHA256(9C) 
SSL0320I: Using TLSv12 Cipher: TLS_RSA_WITH_AES_128_CBC_SHA256(3C)