--- title: Troubleshooting description: The following list indicates some potential problems and resolutions you might encounter with the PingAccess agent for RHEL. component: pingaccess version: 9.0 page_id: pingaccess:agents_and_integrations:pa_apache_rhel_troubleshooting canonical_url: https://docs.pingidentity.com/pingaccess/9.0/agents_and_integrations/pa_apache_rhel_troubleshooting.html revdate: February 6, 2023 --- # Troubleshooting The following list indicates some potential problems and resolutions you might encounter with the PingAccess agent for RHEL. > **Collapse: Agent receives an unknown protocol error when attempting to contact the administrative node** > > This can indicate that the operating system is using sha1 for encryption. This protocol is no longer supported by default in PingAccess. > > We recommend switching to SHA-256. If you cannot switch to SHA-256, you can re-enable SHA-1: > > 1. Open the `run.properties` file. > > 2. Add TLSv1 to the protocol list. For example: > > ``` > tls.default.protocols=TLSv1, TLSv1.1, TLSv1.2, TLSv1.3 > ``` > > 3. Add the SHA entries to the cipher suites list. For example: > > ``` > tls.default.cipherSuites = TLS_CHACHA20_POLY1305_SHA256,\ > TLS_AES_256_GCM_SHA384,\ > TLS_AES_128_GCM_SHA256,\ > TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,\ > TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,\ > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,\ > TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,\ > TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,\ > TLS_EMPTY_RENEGOTIATION_INFO_SCSV, \ > TLS_RSA_WITH_AES_128_CBC_SHA, \ > TLS_DHE_RSA_WITH_AES_128_CBC_SHA, \ > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, \ > TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, \ > TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA > ```