Back-up failing after running network vulnerability scanner against Authentication Manager
Originally Published: 2017-06-30
Article Number
Applies To
RSA Product Set: SecurID
RSA Version/Condition: 8.0, 8.1, 8.2, 8.2 SP1, 8.2 SP1 P1
Issue
After running network vulnerability scanner against Authentication Manager or RADIUS ports backup failing.
The following error message "Unable to read RADIUS object -Could not create SSL Socket" is displayed in System Log report as per below logs:
com.rsa.ims.operationsconsole.admin.taskmgr.TaskExecutionException: Failed to perform a RADIUS backup., at com.rsa.ims.operationsconsole.admin.backup.tasks.RadiusBackupTask.execute(RadiusBackupTask.java:100), at com.rsa.ims.operationsconsole.admin.backup.tasks.RadiusBackupTask$$FastClassBySpringCGLIB$$2b80a329.invoke(<generated>), at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204), at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:700), at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150), at org.springframework.aop.aspectj.AspectJAfterThrowingAdvice.invoke(AspectJAfterThrowingAdvice.java:55), at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172), at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:91), at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172), at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:633), at com.rsa.ims.operationsconsole.admin.backup.tasks.RadiusBackupTask$$EnhancerBySpringCGLIB$$472d27eb.execute(<generated>), at com.rsa.ims.operationsconsole.admin.backup.scheduler.service.AsyncBackupJobWorkerImpl.execute(AsyncBackupJobWorkerImpl.java:231), at sun.reflect.GeneratedMethodAccessor451.invoke(Unknown Source), at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43), at java.lang.reflect.Method.invoke(Method.java:606), at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317), at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183), at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150), at org.springframework.aop.interceptor.AsyncExecutionInterceptor$1.call(AsyncExecutionInterceptor.java:95), at java.util.concurrent.FutureTask.run(FutureTask.java:262), at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145), at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615), at java.lang.Thread.run(Thread.java:745),Caused by: com.rsa.authmgr.radius.migration.command.exception.RADIUSMigrationException: com.rsa.authmgr.radius.exception.RadiusSystemException: Unable to read RADIUS object -Could not create SSL Socket, at com.rsa.authmgr.radius.internal.migration.impl.RADIUSMigrationServiceImpl.exportRADIUSData(RADIUSMigrationServiceImpl.java:254), at com.rsa.ims.operationsconsole.admin.backuprestore.RadiusBackupHelper.executeBackup(RadiusBackupHelper.java:146), at com.rsa.ims.operationsconsole.admin.backup.tasks.RadiusBackupTask.performRadiusBackup(RadiusBackupTask.java:128), at com.rsa.ims.operationsconsole.admin.backup.tasks.RadiusBackupTask.execute(RadiusBackupTask.java:89), ... 22 more,Caused by: com.rsa.authmgr.radius.exception.RadiusSystemException: Unable to read RADIUS object -Could not create SSL Socket, at com.rsa.authmgr.internal.radius.sbr.xui.impl.XUIAccessImpl.getDataAsStream(XUIAccessImpl.java:437), at com.rsa.authmgr.radius.internal.migration.impl.RADIUSMigrationServiceImpl.exportRADIUSData(RADIUSMigrationServiceImpl.java:246), ... 25 more,Caused by: java.lang.RuntimeException: Could not create SSL Socket, at com.rsa.authmgr.internal.radius.sbr.xui.ssl.XUISSLSocketFactory.initSSLSocket(XUISSLSocketFactory.java:87), at com.rsa.authmgr.internal.radius.sbr.xui.ssl.XUISSLSocketFactory.createSocket(XUISSLSocketFactory.java:59), at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:706), at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:386), at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:170), at org.apache.commons.httpcliWorkaround
If there is a corporate or governmental policy which requires scanning of the ports, the implementation of the policy will need to include a reboot of Authentication Manager Server after the completion of the scan.
Related Articles
Apache vulnerability 'Apache HTTP Server mod_rewrite' from scan Number of Views Best practices for running vulnerability scans against RSA Authentication Manager 8.x Number of Views CERT/CC Vulnerability Note VU#144389: Potential Impact on RSA Products Number of Views Demonstrate no increased risks in RADIUS TCP ports 1812 and 1813 reported vulnerability findings in RSA Authentication Man… Number of Views KCA Apache web server showing security vulnerability with scan due patch level/version Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process How to Update the Root (Server) and Client Certificates in RSA Identity Governance & Lifecycle RSA Authenticator 6.2.2 for Windows Administrator Guide RSA SecurID software token .sdtid file fails to import into RSA SecurID Software Token 5.0 for Windows RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
