I tried to edit IntroscopeEnterpriseManager.properties and make the properties for channel look like below and it still breaks.
#######################
# Port Settings
#
# ================
# The EM is configured with several communication channels.
# To enable a communication channel, add the channel id to the
# comma separated list of enabled channels. Likewise, a communication
# channel may be disabled by removing it from that same list.
#
# All communication to the EM is obfuscated, and passwords are always encrypted.
# The enabled communication channels.
introscope.enterprisemanager.enabled.channels=channel1
# Use this to enable both the default channel and secure channel.
#introscope.enterprisemanager.enabled.channels=channel1,channel2
# The default communication channel.
introscope.enterprisemanager.serversocketfactory.channel1=com.wily.isengard.postofficehub.link.net.server.DefaultServerSocketFactory
introscope.enterprisemanager.port.channel1=
# The secure (SSL) communication channel.
introscope.enterprisemanager.serversocketfactory.channel2=com.wily.isengard.postofficehub.link.net.server.SSLServerSocketFactory
introscope.enterprisemanager.port.channel2=5443
# Location of a keystore containing certificates for authenticating the EM to clients.
# Either an absolute path or a path relative to the config directory.
# On Windows, backslashes must be escaped. For example:
# introscope.enterprisemanager.keystore.channel2=C:\\Introscope\\config\\internal\\server\\keystore
introscope.enterprisemanager.keystore.channel2=internal/server/keystore
# Set this property to true to enable encryption of introscope.enterprisemanager.keypassword.channel2
# Once introscope.enterprisemanager.keypassword.channel2 is encrypted,
# this property is automatically set to false.
#
# To change the existing password, enter the new password and set this property to true.
# Note: If this property is set to true and the password is not changed, the existing encrypted password will be encrypted again.
# If password field for a new channel is configured, add the corresponding
# plaintextpassword field and set it to true to enable encryption.
introscope.enterprisemanager.keypassword.channel2.plaintextpassword=true
# The password for the keystore.
introscope.enterprisemanager.keypassword.channel2=password
# Location of a truststore containing trusted client certificates.
# Either an absolute path or a path relative to the config directory.
# On Windows, backslashes must be escaped. For example:
# introscope.enterprisemanager.truststore.channel2=C:\\Introscope\\config\\internal\\server\\keystore
# The truststore is optional. It is needed only if client authentication is required.
# If no truststore is specified, the EM trusts all client certificates.
#introscope.enterprisemanager.truststore.channel2=internal/server/keystore
# Set this property to true to enable encryption of introscope.enterprisemanager.trustpassword.channel2
# Once introscope.enterprisemanager.trustpassword.channel2 is encrypted,
# this property is automatically set to false.
#
# To change the existing password, enter the new password and set this property to true.
# Note: If this property is set to true and the password is not changed, the existing encrypted password will be encrypted again.
# If password field for a new channel is configured, add the corresponding
# plaintextpassword field and set it to true to enable encryption.
# introscope.enterprisemanager.trustpassword.channel2.plaintextpassword=false
# The password for the truststore
#introscope.enterprisemanager.trustpassword.channel2=password
# Set to true to require clients to authenticate.
# If true, clients must be configured with a keystore containing a certificate trusted by the EM.
# Default is false
introscope.enterprisemanager.needclientauth.channel2=false
# Set the enabled cipher suites.
# A comma-separated list of cipher suites.
# If not specified, use the default enabled cipher suites.
#introscope.enterprisemanager.ciphersuites.channel2=
# Set the enabled protocols.
# A comma-separated list of protocols.
# Comment it to use the default enabled protocols.
# For SUN/Oracle JVM the user can add SSLv2Hello protocol.
# IBM JVM accepts SSL_TLSv2, SSL_TLS, TLS protocols as well
introscope.enterprisemanager.protocols.channel2=TLSv1.2,TLSv1.1,TLSv1