Notifications
Clear all
Topic starter
We were not able to login to CPS from Citrix clients after Window updates. We had to restore all of our Citrix servers to previous Window update states to fix the issue.
Error occurred in class WebServiceClientBase, method CallWebService
Unable to make service calls: server is down or unavailable. Contact Administrator for assistance. Please check server port configuration; see the installation/upgrade guide for your system for details.
SecurityNegotiationException: Could not establish secure channel for SSL/TLS with authority 'ucvpcpsapp01:9443'.
We were able to login to CPS from Application server but not from Citrix clients. Any ideas?
Posted : June 12, 2018 3:02 am
Are you installing really old updates? IIRC, IE disabled some deprecated/obsolete encryption algorithms some time ago. As I recall, the fix is JBoss requires an adjustment to the encryption algorithms offered during negotiation.
-dp
Posted : June 12, 2018 3:22 am
Topic starter
Thank you.
Posted : June 12, 2018 3:42 am
These are some of my notes having to do with the fix SLHV was talking about:
Make the changes GE posted for the Ciphers in C:\Program Files (x86)\Centricity EMR 9.8 Evaluation Cab\jboss\server\default\deploy\jbossweb.sar\server.xml and I had to copy all the contents from the Oracle\bin directory to the JBoss\jsw directory. Both of these directories are inside the Centricity Eval client directory.
In the server.xml file, change
keystorePass="changeit" sslProtocol="TLS" />
To this (the ciphers= part needs to be all on one line):
keystorePass="changeit" sslProtocol="TLSv1"
ciphers="TLS_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"/>
Then either reboot your computer or restart the JBoss service.
Posted : June 12, 2018 12:45 pm
