The Candlepin service fails in Red Hat Satellite 6 with error "Failed to open TCP connection to localhost:23443 (Connection refused - connect(2) for "localhost" port 23443)" when FIPS policy FUTURE set

Solution Verified - Updated -

Issue

  • Candlepin won't start on the newly installed Red Hat Satellite 6.11 server.

  • Candlepin service failing on the below error on a new installation.

     Status:          FAIL
 Server Response: Message: Failed to open TCP connection to localhost:23443 (Connection refused - connect(2) for "localhost" port 23443)
 candlepin_auth:   
 Status:          FAIL
  Server Response: Message: A backend service [ Candlepin ] is unreachable

    15-Aug-2022 04:24:26.749 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["https-jsse-nio-127.0.0.1-23443"]
15-Aug-2022 04:24:26.869 SEVERE [main] org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to initialize component [Connector[HTTP/1.1-23443]]

    Aug  9 14:06:03 server[13678]: #011Caused by: java.lang.IllegalArgumentException: None of the [ciphers] specified are supported by the SSL engine : [[SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA]]

Environment

  • Red Hat Satellite 6.11
  • Red Hat Enterprise Linux 8

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content