Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000014723 - AM8 web tier shows as offline or pending connection

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support

on Apr 21, 2017

Version 2Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000014723
Applies To	Red Hat Enterprise Linux, RHEL RHEL4 RHEL5
Issue	AM8 web tier shows as offline customer is sure the web tier server is online AM8 web tier shows as "Pending Connection"
Cause	communication problem with the web tier server. This is usually due to name resolution issues, or a networking problem such as a firewall blocking a port.
Resolution	First, Verify the AM8 virtual appliance is listening on port 7022, with the built-in openssl utility. Use the syntax: openssl s_client -connect (the name or IP of the AM8 server):7022 You should get a response that looks similar to : am8pri:/home/rsaadmin # openssl s_client -connect am8p.vcloud.local:7022 CONNECTED(00000003) depth=1 /CN=RSA root CA for am8pri.vcloud.local/serialNumber=2ebf8701ad9568c2f7815ca3f23f6a13547954d735f80d980b66f9a7d3b6292e verify error:num=19:self signed certificate in certificate chain verify return:0 23421:error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate:s3_pkt.c:1094:SSL alert number 42 23421:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188: Once this is done, test connectivity from the Web Tier to the server. If the Web Tier is on Red Hat Linux, use the built-in openssl utility in the same way it was done on the AM8 appliance. If the Web Tier server is installed on Win2008, get the open-source openssl utility. A less useful alternative is to install and use the telnet client, but this will only allow you to see if a connection can be made to 'something' on 7022, and not show any ssl information, which can be misleading. An example of the Web Tier port 7022 being blocked by a firewall or networking issue: openssl s_client -connect primary.company.com:7022 Loading 'screen' into random state - done connect: No such file or directory connect:errno=0 An example of the Primary not listening on the Web Tier port, or a misconfigured firewall accepting the conenction but not processing it correctly: openssl s_client -connect primary.company.com:7022 connect: Connection refused connect:errno=111 Other examples of different numbers for connect:errno=x are available on the internet
Notes	Also see A63594 for Name Resolution issues
Legacy Article ID	a62748

Attachments

Outcomes

0 Comments

Recommended Content