Environment
OES2018SP2
OES2015SP1
Situation
When attempting to manage an iPrint Print Manager hosted on an OES 2015 SP1 server using iManager running on an OES 2018 SP2, the following error is returned:
Server chose TLSv1, but that protocol version is not enabled or not supported by the client. IPP Error: 0x40001
Resolution
There are two known causes to the above error:
1. The iManager plugin on the OES 2018 SP2 is outdated and therefore does not TLSv1 compatible.
Resolution:
Upgrade to version iPrint Linux Management Plug-in 2.7.7.20201021 or above.
2. Even after implementing the above solution, the error continues.
Verify that the /etc/opt/novell/tomcat/conf/novell-tomcat.conf on the OES 2018 SP2 server running iManager does not contain an entry like -Dhttps.protocols=TLSv1.2 at the end of the CATALINA_OPTS section:
CATALINA_OPTS=' -Dorg.apache.jasper.compiler.Parser.STRICT_QUOTE_ESCAPING=false -Dorg.apache.catalina.STRICT_SERVLET_COMPLIANCE=false -Dorg.apache.jasper.compiler.Parser.STRICT_WHITESPACE=false -Dorg.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR=false -Djdk.tls.ephemeralDHKeySize=2048 -Dhttps.protocols=TLSv1.2'
If it is present, remove it.
Cause
1. OES 2015 SP1 does not support TLSv1.2. The iPrint plug-in has been enhanced to be backward compatible to allow the management of iPrint objects on OES 2015 SP1 servers from an OES 2018 SP2 server. This allows the iPrint plug-in to use TLSv1 to communicate with the OES 2015 SP1 server.
2. Even with the updated plug-in, the error will persist if Tomcat is configured to use TLSv1.