How to handle when a component is failing to authenticate(handshake failure) after install in RSA Web Threat Detection 6.0
Originally Published: 2016-11-15
Article Number
Applies To
RSA Product/Service Type: Forensics
RSA Version/Condition: 6.0
Platform: Linux
Issue
Actual customer case -- After 6.0 installation, Silverplex is failing authentication. Here is an example of a handshake error on the Silverplex component:
Oct 27 15:59:23 slcst21a silverplex[81959]: [info] back [T11 st::tls::Server::MasterRunnable] [tls server 1] Accepted connection from 10.73.101.208:41799 Oct 27 15:59:23 slcst21a silverplex[81959]: [info] back [T6 st::task::QueueRunner] [st::tls::ServerHandshaker] [handshaker 1.6] [session 29309] TLS handshake on 8 Oct 27 15:59:23 slcst21a silverplex[81959]: [error] back [T6 st::task::QueueRunner] [st::tls::ServerHandshaker] [handshaker 1.6] [session 29309] TLS handshake error: Decryption has failed. Oct 27 15:59:23 slcst21a silverplex[81959]: [info] back [T6 st::task::QueueRunner] [st::tls::ServerHandshaker] [handshaker 1.6] [session 29309] Closing TLS session on 8 Oct 27 15:59:26 slcst21a rsyslogd-2177: imuxsock lost 143243 messages from pid 81641 due to rate-limiting
Tasks
Resolution
- Most processes use the SilverTail cert and key for different things-- passwords, shard encryption, interprocess communication. It may be best to restart all the services. Note -- Scout is used for interbox processes, so make sure this component is restarted first.
- Get an understanding of the Customer system architecture, which components are located on each server.
- Review /var/log/messages to check for TLS handshake errors and identify the components that are having these errors.
- Use md5sum command to make sure cert and key are the same on the servers that have failing components.
- Use Varz to see which components are connecting and passing messages and which are not.
Notes
Related Articles
RSA Cloud Authentication Service password authentication fails due to "LDAP account not permitted to authenticate via this… Number of Views RSA Identity Governance & Lifecycle Identity Data Collection is failing due to ORA-00904: CUS_ATTR_USER_CAS_XX invalid ide… Number of Views RSA Authentication Manager On-Demand Authentication (ODA) failing with the following error: User provided incorrect On-De… Number of Views Troubleshooting RSA MFA Agent for Microsoft Windows Number of Views Disable multi-factor authentication (MFA) prompt for "Run as" on machine on which the RSA MFA Agent for Microsoft Windows … Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA Release Notes for RSA Authentication Manager 8.8 RSA Authentication Manager 8.9 Release Notes (January 2026) How to configure RSA Authentication Manager 8.4 or later to send data to multiple remote syslog servers Download RSA SecurID Access Cloud User Event audit logs using Cloud Administration REST API CLU
Don't see what you're looking for?
