Article Content
Article Number | 000014723 |
Applies To | Red Hat Enterprise Linux, RHEL RHEL4 RHEL5 |
Issue | AM8 web tier shows as offline customer is sure the web tier server is online AM8 web tier shows as "Pending Connection" |
Cause | communication problem with the web tier server. This is usually due to name resolution issues, or a networking problem such as a firewall blocking a port. |
Resolution | First, Verify the AM8 virtual appliance is listening on port 7022, with the built-in openssl utility. Use the syntax: openssl s_client -connect (the name or IP of the AM8 server):7022 You should get a response that looks similar to : am8pri:/home/rsaadmin # openssl s_client -connect am8p.vcloud.local:7022 CONNECTED(00000003) depth=1 /CN=RSA root CA for am8pri.vcloud.local/serialNumber=2ebf8701ad9568c2f7815ca3f23f6a13547954d735f80d980b66f9a7d3b6292e verify error:num=19:self signed certificate in certificate chain verify return:0 23421:error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate:s3_pkt.c:1094:SSL alert number 42 23421:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188: Once this is done, test connectivity from the Web Tier to the server. If the Web Tier is on Red Hat Linux, use the built-in openssl utility in the same way it was done on the AM8 appliance. If the Web Tier server is installed on Win2008, get the open-source openssl utility. A less useful alternative is to install and use the telnet client, but this will only allow you to see if a connection can be made to 'something' on 7022, and not show any ssl information, which can be misleading. An example of the Web Tier port 7022 being blocked by a firewall or networking issue: openssl s_client -connect primary.company.com:7022 Loading 'screen' into random state - done connect: No such file or directory connect:errno=0 An example of the Primary not listening on the Web Tier port, or a misconfigured firewall accepting the conenction but not processing it correctly: openssl s_client -connect primary.company.com:7022 connect: Connection refused connect:errno=111 Other examples of different numbers for connect:errno=x are available on the internet |
Notes | Also see A63594 for Name Resolution issues |
Legacy Article ID | a62748 |