000032612 - AFX Server fails to start after changing the hostname of the RSA Identity Governance & Lifecycle server

Document created by RSA Customer Support Employee on Feb 17, 2020
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000032612
Applies ToRSA Product Set: RSA Identity Governance & Lifecycle 
RSA Version/Condition: 6.9.1, 7.x
IssueAfter running modifyhostname.sh on an RSA Identity Governance & Lifecycle hard/soft appliance, the AFX Server fails to start and the following message is displayed:

All remote collector agents and AFX servers will need to have their client
certificates re-created within RSA IMG and then be downloaded and re-deployed.
CauseThis message is explaining that the AFX and remote collection agent client certificates need to be regenerated and redeployed.

When the hostname is changed using the modifyhostname.sh script, the script generates a new server.keystore that uses a newly generated certificate authority (CA) and hostname certificate. When the server.keystore is updated, the AFX and remote collection agent client certificates also need to be updated.
ResolutionSteps to regenerate and redeploy the AFX and remote collection agent client certificates are outlined in the RSA Knowledge Base Article 000038314 -- How to update the root (server) and client certificates in RSA Identity Governance & Lifecycle

Follow the steps in the Resolution section under Update each AFX Server client certificate and Update each remote collection agent client certificate.

NOTE: The first step, Update the server certificate, may be skipped since this was done by running modifyhostname.sh.