Search FAQs
Unable to add PowerChute Business Edition Agent to PowerChute Business Edition Console/Server after upgrading the JRE version with JRE Configuration Tool
Issue:
Upgrading the JRE version of the PowerChute Business Edition Agent via the JRE Configuration Tool runs as expected and the service/daemon is restarted successfully. The following error messages appear: “Could not login to <device>” or “Failed to add <device>” when trying to add the PowerChute Business Edition Agent via the Console or Server.
Product Line:
PowerChute Business Edition versions 9.0, 9.0.1, 9.1.0, 9.0.2, 9.1.1, 9.0.3, 9.2.0, 9.0.4, 9.2.1
Environment:
OS: Linux, Solaris, Windows x64, x86
Cause:
The latest release of Java JRE 8u60 (and greater) contains a security update which prevents communication between the PowerChute Business Edition Server and the PowerChute Business Edition Agent.
Solution:
After upgrading the Java JRE version to 8u60 but lest than 8u162, perform the following steps:
1. Stop the PowerChute Business Edition Agent service/daemon.
Windows:
net stop apcpbeagent
Linux:
/etc/init.d/PBEAgent stop
2. In the Powerchute JRE folder, open the file lib\security\java.security using a text editor.
Sample JRE locations –
Windows x86:
C:\Program Files\APC\PowerChute Business Edition\JreConfigTool\1.8.0_60
Windows x64:
C:\Program Files (x86)\APC\PowerChute Business Edition\JreConfigTool\1.8.0_60
Linux:
/usr/java/jre1.8.0_60 (Default Java JRE install directory)
Go to the line containing the jdk.tls.disabledAlgorithms setting and carry out the following:
jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize < 768
New:
jdk.tls.disabledAlgorithms=SSLv3, DH keySize < 256
After upgrading the Java JRE version to 8u162 or greater, perform the following steps:
Windows x86:
C:\Program Files\APC\PowerChute Business Edition\JreConfigTool\1.8.0_162\lib\security\
Program Files (x86)
C:\Program Files (x86)\APC\PowerChute Business Edition\JreConfigTool\1.8.0_162\lib\security
Linux:
Navigate to /usr/java/jre1.8.0_162\lib\security(Default Java JRE install directory)
Steps:
1.Open the java.security file
2.Go to the line containing the jdk.tls.disabledAlgorithms setting and carry out the following:
3.Remove RC4, RC4_40 as a disabledAlgorithm
4.Change DH keysize restriction from 1024to 256
Original:
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
EC keySize < 224, DES40_CBC, RC4_40
New:
jdk.tls.disabledAlgorithms=SSLv3, MD5withRSA, DH keySize <256, \
EC keySize < 224, DES40_CBC
3. The following step needs to be carried out for PowerChute Business Edition Agent versions 9.0 and 9.0.1 if it is managed by a Powerchute Business Edition Console/Server.
In the Powerchute JRE folder, open the file lib\security\java.security using a text editor.
Sample JRE locations –
Windows x86:
C:\Program Files\APC\PowerChute Business Edition\JreConfigTool\1.8.0_60
Windows x64:
C:\Program Files (x86)\APC\PowerChute Business Edition\JreConfigTool\1.8.0_60
Linux:
/usr/java/jre1.8.0_60 (Default Java JRE install directory)
Go to the line (should be at the end of the file) containing the jdk.tls.legacyAlgorithms setting and remove ‘RC4_128,’ from it:
Original:
jdk.tls.legacyAlgorithms= \
K_NULL, C_NULL, M_NULL, \
DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
DH_RSA_EXPORT, RSA_EXPORT, \
DH_anon, ECDH_anon, \
RC4_128, RC4_40, DES_CBC, DES40_CBC
New:
jdk.tls.legacyAlgorithms= \
K_NULL, C_NULL, M_NULL, \
DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
DH_RSA_EXPORT, RSA_EXPORT, \
DH_anon, ECDH_anon, \
RC4_40, DES_CBC, DES40_CBC
4. Start the PowerChute Business Edition Agent service/daemon
Windows:
net start apcpbeagent
Linux:
/etc/init.d/PBEAgent start
Upgrading the JRE version of the PowerChute Business Edition Agent via the JRE Configuration Tool runs as expected and the service/daemon is restarted successfully. The following error messages appear: “Could not login to <device>” or “Failed to add <device>” when trying to add the PowerChute Business Edition Agent via the Console or Server.
Product Line:
PowerChute Business Edition versions 9.0, 9.0.1, 9.1.0, 9.0.2, 9.1.1, 9.0.3, 9.2.0, 9.0.4, 9.2.1
Environment:
OS: Linux, Solaris, Windows x64, x86
Cause:
The latest release of Java JRE 8u60 (and greater) contains a security update which prevents communication between the PowerChute Business Edition Server and the PowerChute Business Edition Agent.
Solution:
After upgrading the Java JRE version to 8u60 but lest than 8u162, perform the following steps:
1. Stop the PowerChute Business Edition Agent service/daemon.
Windows:
net stop apcpbeagent
Linux:
/etc/init.d/PBEAgent stop
2. In the Powerchute JRE folder, open the file lib\security\java.security using a text editor.
Sample JRE locations –
Windows x86:
C:\Program Files\APC\PowerChute Business Edition\JreConfigTool\1.8.0_60
Windows x64:
C:\Program Files (x86)\APC\PowerChute Business Edition\JreConfigTool\1.8.0_60
Linux:
/usr/java/jre1.8.0_60 (Default Java JRE install directory)
Go to the line containing the jdk.tls.disabledAlgorithms setting and carry out the following:
- Remove RC4 as a disabledAlgorithm
- Change DH keysize restriction from 768 to 256
jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize < 768
New:
jdk.tls.disabledAlgorithms=SSLv3, DH keySize < 256
After upgrading the Java JRE version to 8u162 or greater, perform the following steps:
Windows x86:
C:\Program Files\APC\PowerChute Business Edition\JreConfigTool\1.8.0_162\lib\security\
Program Files (x86)
C:\Program Files (x86)\APC\PowerChute Business Edition\JreConfigTool\1.8.0_162\lib\security
Linux:
Navigate to /usr/java/jre1.8.0_162\lib\security(Default Java JRE install directory)
Steps:
1.Open the java.security file
2.Go to the line containing the jdk.tls.disabledAlgorithms setting and carry out the following:
3.Remove RC4, RC4_40 as a disabledAlgorithm
4.Change DH keysize restriction from 1024to 256
Original:
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
EC keySize < 224, DES40_CBC, RC4_40
New:
jdk.tls.disabledAlgorithms=SSLv3, MD5withRSA, DH keySize <256, \
EC keySize < 224, DES40_CBC
3. The following step needs to be carried out for PowerChute Business Edition Agent versions 9.0 and 9.0.1 if it is managed by a Powerchute Business Edition Console/Server.
In the Powerchute JRE folder, open the file lib\security\java.security using a text editor.
Sample JRE locations –
Windows x86:
C:\Program Files\APC\PowerChute Business Edition\JreConfigTool\1.8.0_60
Windows x64:
C:\Program Files (x86)\APC\PowerChute Business Edition\JreConfigTool\1.8.0_60
Linux:
/usr/java/jre1.8.0_60 (Default Java JRE install directory)
Go to the line (should be at the end of the file) containing the jdk.tls.legacyAlgorithms setting and remove ‘RC4_128,’ from it:
Original:
jdk.tls.legacyAlgorithms= \
K_NULL, C_NULL, M_NULL, \
DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
DH_RSA_EXPORT, RSA_EXPORT, \
DH_anon, ECDH_anon, \
RC4_128, RC4_40, DES_CBC, DES40_CBC
New:
jdk.tls.legacyAlgorithms= \
K_NULL, C_NULL, M_NULL, \
DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
DH_RSA_EXPORT, RSA_EXPORT, \
DH_anon, ECDH_anon, \
RC4_40, DES_CBC, DES40_CBC
4. Start the PowerChute Business Edition Agent service/daemon
Windows:
net start apcpbeagent
Linux:
/etc/init.d/PBEAgent start
Released for:APC Egypt
Did this answer your question?
Explore more
Explore more
