Search FAQs
Unable to access PowerChute Business Edition Server from the PowerChute Business Edition Console after upgrading the JRE version with JRE Configuration Tool
Issue:
When upgrading the JRE version, the JRE Configuration Tool runs as expected and both APC PBE Agent (if applicable) and APC PBE Server services are started. When the PowerChute Business Edition Console is launched and username and password is entered, an error window is displayed stating that the server is not accessible.
Product Line:
PowerChute Business Edition versions 9.0, 9.0.1, 9.1.0, 9.0.2, 9.1.1, 9.0.3, 9.2.0, 9.0.4, 9.2.1
Environment:
OS: Windows x64, x86
Cause:
The latest release of Java JRE 8u60 (and greater) contains a security update which prevents communication between the PowerChute Business Edition Console and the PowerChute Business Edition Server.
Solution:
After upgrading the Java JRE version to 8u60 (or greater), perform the following steps:
1. Stop the PowerChute Business Edition Agent and Server services.
You can do this from the command line (Run as administrator) with the following command:
Server:
net stop apcpbeserver
Agent (if installed):
net stop apcpbeagent
2. In the PowerChute JRE folder, open the file lib\security\java.security using a text editor.
Sample JRE locations -
Windows x86:
C:\Program Files\APC\PowerChute Business Edition\JreConfigTool\1.8.0_60
Windows x64:
C:\Program Files (x86)\APC\PowerChute Business Edition\JreConfigTool\1.8.0_60
Linux:
/usr/java/jre1.8.0_60 (Default Java JRE install directory)
Go to the line containing the jdk.tls.disabledAlgorithms setting and carry out the following:
jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize < 768
New:
jdk.tls.disabledAlgorithms=SSLv3, DH keySize < 256
3. The following step needs to be carried out for PowerChute Business Edition Agent versions 9.0 and 9.0.1 if it is managed by a PowerChute Business Edition Console/Server.
In the PowerChute JRE folder, open the file lib\security\java.security using a text editor.
Sample JRE locations -
Windows x86:
C:\Program Files\APC\PowerChute Business Edition\JreConfigTool\1.8.0_60
Windows x64:
C:\Program Files (x86)\APC\PowerChute Business Edition\JreConfigTool\1.8.0_60
Linux:
/usr/java/jre1.8.0_60 (Default Java JRE install directory)
Go to the line (should be at the end of the file) containing the jdk.tls.legacyAlgorithms setting and remove 'RC4_128,' from it:
Original:
jdk.tls.legacyAlgorithms= \
K_NULL, C_NULL, M_NULL, \
DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
DH_RSA_EXPORT, RSA_EXPORT, \
DH_anon, ECDH_anon, \
RC4_128, RC4_40, DES_CBC, DES40_CBC
New:
jdk.tls.legacyAlgorithms= \
K_NULL, C_NULL, M_NULL, \
DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
DH_RSA_EXPORT, RSA_EXPORT, \
DH_anon, ECDH_anon, \
RC4_40, DES_CBC, DES40_CBC
4. Start the PowerChute Business Edition Agent and Server services
You can do this from the command line (Run as administrator) with the following command:
Server:
net start apcpbeserver
Agent (if installed):
net start apcpbeagent
When upgrading the JRE version, the JRE Configuration Tool runs as expected and both APC PBE Agent (if applicable) and APC PBE Server services are started. When the PowerChute Business Edition Console is launched and username and password is entered, an error window is displayed stating that the server is not accessible.
Product Line:
PowerChute Business Edition versions 9.0, 9.0.1, 9.1.0, 9.0.2, 9.1.1, 9.0.3, 9.2.0, 9.0.4, 9.2.1
Environment:
OS: Windows x64, x86
Cause:
The latest release of Java JRE 8u60 (and greater) contains a security update which prevents communication between the PowerChute Business Edition Console and the PowerChute Business Edition Server.
Solution:
After upgrading the Java JRE version to 8u60 (or greater), perform the following steps:
1. Stop the PowerChute Business Edition Agent and Server services.
You can do this from the command line (Run as administrator) with the following command:
Server:
net stop apcpbeserver
Agent (if installed):
net stop apcpbeagent
2. In the PowerChute JRE folder, open the file lib\security\java.security using a text editor.
Sample JRE locations -
Windows x86:
C:\Program Files\APC\PowerChute Business Edition\JreConfigTool\1.8.0_60
Windows x64:
C:\Program Files (x86)\APC\PowerChute Business Edition\JreConfigTool\1.8.0_60
Linux:
/usr/java/jre1.8.0_60 (Default Java JRE install directory)
Go to the line containing the jdk.tls.disabledAlgorithms setting and carry out the following:
- Remove RC4 as a disabledAlgorithm
- Change DH keysize restriction from 768 to 256
jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize < 768
New:
jdk.tls.disabledAlgorithms=SSLv3, DH keySize < 256
3. The following step needs to be carried out for PowerChute Business Edition Agent versions 9.0 and 9.0.1 if it is managed by a PowerChute Business Edition Console/Server.
In the PowerChute JRE folder, open the file lib\security\java.security using a text editor.
Sample JRE locations -
Windows x86:
C:\Program Files\APC\PowerChute Business Edition\JreConfigTool\1.8.0_60
Windows x64:
C:\Program Files (x86)\APC\PowerChute Business Edition\JreConfigTool\1.8.0_60
Linux:
/usr/java/jre1.8.0_60 (Default Java JRE install directory)
Go to the line (should be at the end of the file) containing the jdk.tls.legacyAlgorithms setting and remove 'RC4_128,' from it:
Original:
jdk.tls.legacyAlgorithms= \
K_NULL, C_NULL, M_NULL, \
DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
DH_RSA_EXPORT, RSA_EXPORT, \
DH_anon, ECDH_anon, \
RC4_128, RC4_40, DES_CBC, DES40_CBC
New:
jdk.tls.legacyAlgorithms= \
K_NULL, C_NULL, M_NULL, \
DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
DH_RSA_EXPORT, RSA_EXPORT, \
DH_anon, ECDH_anon, \
RC4_40, DES_CBC, DES40_CBC
4. Start the PowerChute Business Edition Agent and Server services
You can do this from the command line (Run as administrator) with the following command:
Server:
net start apcpbeserver
Agent (if installed):
net start apcpbeagent
Released for:APC Denmark
Did this answer your question?
