Back-up failing after running network vulnerability scanner against Authentication Manager
Originally Published: 2017-06-30
Article Number
Applies To
RSA Product Set: SecurID
RSA Version/Condition: 8.0, 8.1, 8.2, 8.2 SP1, 8.2 SP1 P1
Issue
After running network vulnerability scanner against Authentication Manager or RADIUS ports backup failing.
The following error message "Unable to read RADIUS object -Could not create SSL Socket" is displayed in System Log report as per below logs:
com.rsa.ims.operationsconsole.admin.taskmgr.TaskExecutionException: Failed to perform a RADIUS backup., at com.rsa.ims.operationsconsole.admin.backup.tasks.RadiusBackupTask.execute(RadiusBackupTask.java:100), at com.rsa.ims.operationsconsole.admin.backup.tasks.RadiusBackupTask$$FastClassBySpringCGLIB$$2b80a329.invoke(<generated>), at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204), at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:700), at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150), at org.springframework.aop.aspectj.AspectJAfterThrowingAdvice.invoke(AspectJAfterThrowingAdvice.java:55), at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172), at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:91), at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172), at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:633), at com.rsa.ims.operationsconsole.admin.backup.tasks.RadiusBackupTask$$EnhancerBySpringCGLIB$$472d27eb.execute(<generated>), at com.rsa.ims.operationsconsole.admin.backup.scheduler.service.AsyncBackupJobWorkerImpl.execute(AsyncBackupJobWorkerImpl.java:231), at sun.reflect.GeneratedMethodAccessor451.invoke(Unknown Source), at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43), at java.lang.reflect.Method.invoke(Method.java:606), at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317), at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183), at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150), at org.springframework.aop.interceptor.AsyncExecutionInterceptor$1.call(AsyncExecutionInterceptor.java:95), at java.util.concurrent.FutureTask.run(FutureTask.java:262), at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145), at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615), at java.lang.Thread.run(Thread.java:745),Caused by: com.rsa.authmgr.radius.migration.command.exception.RADIUSMigrationException: com.rsa.authmgr.radius.exception.RadiusSystemException: Unable to read RADIUS object -Could not create SSL Socket, at com.rsa.authmgr.radius.internal.migration.impl.RADIUSMigrationServiceImpl.exportRADIUSData(RADIUSMigrationServiceImpl.java:254), at com.rsa.ims.operationsconsole.admin.backuprestore.RadiusBackupHelper.executeBackup(RadiusBackupHelper.java:146), at com.rsa.ims.operationsconsole.admin.backup.tasks.RadiusBackupTask.performRadiusBackup(RadiusBackupTask.java:128), at com.rsa.ims.operationsconsole.admin.backup.tasks.RadiusBackupTask.execute(RadiusBackupTask.java:89), ... 22 more,Caused by: com.rsa.authmgr.radius.exception.RadiusSystemException: Unable to read RADIUS object -Could not create SSL Socket, at com.rsa.authmgr.internal.radius.sbr.xui.impl.XUIAccessImpl.getDataAsStream(XUIAccessImpl.java:437), at com.rsa.authmgr.radius.internal.migration.impl.RADIUSMigrationServiceImpl.exportRADIUSData(RADIUSMigrationServiceImpl.java:246), ... 25 more,Caused by: java.lang.RuntimeException: Could not create SSL Socket, at com.rsa.authmgr.internal.radius.sbr.xui.ssl.XUISSLSocketFactory.initSSLSocket(XUISSLSocketFactory.java:87), at com.rsa.authmgr.internal.radius.sbr.xui.ssl.XUISSLSocketFactory.createSocket(XUISSLSocketFactory.java:59), at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:706), at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:386), at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:170), at org.apache.commons.httpcliWorkaround
If there is a corporate or governmental policy which requires scanning of the ports, the implementation of the policy will need to include a reboot of Authentication Manager Server after the completion of the scan.
Related Articles
Remote Backups not working with Authentication Manager 8.2 Number of Views Best practices for running vulnerability scans against RSA Authentication Manager 8.x Number of Views CERT/CC Vulnerability Note VU#475445: Potential Impact on RSA Products Number of Views KRA cannot reach SMTP server to send email notifications Number of Views CVE-2021-41617 Security vulnerability for RSA Authentication Manager 8.6.x Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory Troubleshooting RSA MFA Agent for Microsoft Windows RSA Authentication Manager 8.9 Known Issues Troubleshooting AFX Connector issues in RSA Identity Governance & Lifecycle
Don't see what you're looking for?
