Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000039238 - A Firewall is blocking Remote AFX Agents and Remote Collection Agents from communicating with the Application Server in RSA Identity Governance & Lifecycle

Document created by RSA Customer Support

on Aug 15, 2020

Version 1Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000039238
Applies To	RSA Product Set: RSA Identity Governance & Lifecycle RSA Version/Condition: 6.9.1, 7.0.x, 7.1.x
Issue	A firewall is blocking Remote AFX Agents and Remote Collection Agents from communicating with the RSA Identity Governance & Lifecycle Application Server. The firewall is reporting the communication as a security threat. As a result, neither agent can successfully start.
Cause	This is a known issue reported in engineering ticket ACM-92819. RSA Identity Governance & Lifecycle Root (Server) and Client Certificates are not compliant with the RFC-5280 standard. As a result, firewalls may block communication with Remote AFX Agents and Remote Collection Agents.
Resolution	This issue is resolved in RSA Identity Governance & Lifecycle 7.2.0. Follow these steps to fully resolve the issue: Upgrade to RSA Identity Governance & Lifecycle 7.2.0. Regenerate the server and client certificates as instructed in RSA Knowledge Base Article 000038314 -- How to Update the Root (Server) and Client Certificates in RSA Identity Governance & Lifecycle.
Workaround	Open up the firewall to allow the communication.

Attachments

Outcomes

0 Comments

Recommended Content

Incoming Links

000039236 - Root (Server) and Client Certificates are RFC-5280 compliant starting in version 7.2.0 of RSA Identity Governance & Lifecycle
000038030 - Troubleshooting AFX Server issues in RSA Identity Governance & Lifecycle