AppSync: Adding an XIO Array that has been hardened to use TLS 1.2 only fails with: Error: 500 GET /api/json/types/xms?full-1&prop=version&prop=name

Summary: Describes an issue and solution for connecting TLS 1.2 only XtremIO arrays to AppSync

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms


AppSync is unable to add an XIO array that has been locked down to use TLS 1.2 only.

A pop-up error is received when adding the array which states:
 

Error: 500 GET /api/json/types/xms?full-1&prop=version&prop=name


The AppSync Server log will show that the response from the array states the user is not authorized, like so:
 

response is:

{ "message": "unauthorized_user", "error_code": 400}

Cause

AppSync has not been natively adjusted to work with an XIO array that has been locked down to use TLS 1.2 only.

Resolution

Workaround:

The workaround involves editing the AppSync file: C:\EMC\AppSync\apache-tomcat\conf\server.xml

  • Ensure there is no AppSync activity
  • Save a copy of the server.xml file to a safe location.
  • Edit the server.xml file with notepad, replacing this line:
<Connector SSLEnabled="true" clientAuth="false" keystoreFile="C:\EMC\AppSync\jboss\standalone\configuration\cas.jks" maxThreads="150" port="8444" protocol="org.apache.coyote.http11.Http11Protocol" scheme="https" secure="true" sslEnabledProtocols="TLSv1.1, TLSv1.2" />

with this line: 


 <Connector SSLEnabled="true" clientAuth="false" keystoreFile="C:\EMC\AppSync\jboss\standalone\configuration\cas.jks" maxThreads="150" port="8444" protocol="org.apache.coyote.http11.Http11Protocol" scheme="https" secure="true" sslEnabledProtocols="TLSv1.1, TLSv1.2" ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA" />

 

  • Stop the 3 AppSync Server related services.
  • Start the 3 AppSync Server related services in the proper order:
the proper order (EMC AppSync Datastore Service first, AppSync Security Service second, AppSync Server Service third)

Now the XIO Array addition to AppSync will succeed.

Additional Information

The Workaround can be used for AppSync 3.9.x.x and 4.0.0.0.
If the workaround has been performed on AppSync 3.9.x.x, it will need to be reapplied manually following an upgrade to AppSync 4.0. 
For versions post AppSync 4.0.0.0, please refer to the release notes for additional information.

Affected Products

AppSync

Products

AppSync
Article Properties
Article Number: 000173255
Article Type: Solution
Last Modified: 04 Apr 2025
Version:  4
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.