Affected SecureAuth IdP Versions: All
Issue: When a user tries to enroll with the Authenticate v5.0 app, the user gets the following error:
"An SSL error has occurred and a secure connection to the server cannot be made"
Cause:
The SecureAuth Authenticate app cannot establish negotiate a SSL connection to the SecureAuth server. With the latest version of the app, the cipher list was updated and may not be compatible with older insecure ciphers.
Resolution:
Check if the SSL certificate binded to 443 in IIS is expired. If not, you will want to make the changes where the connection terminates whether on the SecureAuth server, or the load balancer.
- Enable TLS 1.1 and 1.2
- Ensure one or more of the following ciphers are enabled:
*TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
*TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
For more information regarding new features and changes to the SecureAuth Authenticate v5.0 app, please go to the following link.
Comments
Please sign in to leave a comment.