000027980 - Appliance 3.0- Unable to resolve replica fully-qualified domain name FQDN Domain.com to IP x.x.x.x

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000027980
Applies ToRSA Appliance 3.0
Appliance 3.0
IssueSuccessfully Generate a Replica package

When generating a new replica package via the appliance operations console you will receive the following error:

There was a Problem processing your request.

Unable to resolve replica fully-qualified domain name Domain.com to IP x.x.x.x

CauseYou will get this error even though you have the correct FQDN defined in the hosts file or DNS. The cause of the problem is a java DNS cache issue. Should you encounter this issue we would recommend that you see if the supplied workaround resolves your issue but also please report that you have encountered the issue to RSA Customer Support

Verify Name resolution is correct and consistent

From the appliance Primary, do:

nslookup  (the IP address that will be used for the Replica)     This must return the correct lowercase fully-qualified hostname that will be used for the Replica

ping (fully-qualified hostname to be used for the Replica)

ping  (shortname to be used for the Replica)

If name resolution has problems, fix them before continuing.

check /etc/hosts, make sure it includes an entry for the Replica that looks something like this:      replica.company.com       replica 

Create the replica package from the command line

1.        Enable SSH on the appliance via the Operations Console

2.        Logon Credentials will be: User name = emcsrv and password = the operating system password created during quick setup

3.        Run sudo su rsaadmin

4.        Change directory to : /usr/local/RSASecurity/RSAAuthenticationManager/utils

4a. run:    . ./rsaenv    (please notice this starts with dot-space-dot-slash)

5.        Run the following command: ./rsautil gen-replica-pkg , for example:

Enter the replica fully-qualified hostname: pluto.csau.ap.rsa.net

Enter the replica IP:

Generate primary data file offline? (Y | N): n

Enter administrator user ID: : superadmin

Enter Admin Password: ***********

Enter Master Password: ***********

Generating the replica package...


Successfully generated replica package file pluto-replica.pkg


Successfully generated primary data file /usr/local/RSASecurity/RSAAuthenticationManager/db/oradata/xsvbid8i/samurai.csau.ap.rsa.net-xsvbid8i-2134415.dmp



          In this example you are prompted for the ?administrator userID?; this is a user of the Security Console with the superadmin role 

6.        Enter the information prompted for, this will generate your replica package.

7.        Copy the created files to /tmp

8.        Exit out of the rsaadmin user back to the emcsrv user

9.        Run sudo su ? root

10.     Change directory to /tmp

11.     Change ownership of the file(s) you copied here using the chown command , for example chown emcsrv samurai.csau.ap.rsa.net-xsvbid8i-2134415.dmp

12.     Use a utility such as WinSCP or PSCP to copy the files off to a local Windows PC using the emcsrv username and password for the credentials




(Alternative) To fix the error in order to use the Browser to generate the replica package.

1. Remove all references to the FQDN from the /etc/hosts file.

2. Disable DNS on the system and restart the server. To disable DNS you can comment out the entries on /etc/resolv.conf

also make sure the information on the /etc/nsswitch.conf is pointing to hosts:      files dns

3. Once the server is started, update the /etc/hosts file with the FQDN of the replica server and generate the replica package from the Operations Console.

Note: Do not enable DNS on the system prior to a successful generation of the replica package.


How to use vi editor in Linux

Login to Appliance with SSH to the Appliance with the ?emcsrv? account, using the Operating System Password

a.       sudo su -           <enter Operating System Password again>

b.       #     prompt means you are root

                vi /etc/hosts

                i    puts you in insert mode

                move cursor to bottom, add/edit this following line.  You can Backspace in Insert mode to erase.  Enter IP  <FQDN>   <shortname>

                         rsa01.support.na.rsa.net                 rsa01

                 <esc> gets you out of insert mode (you can backspace to delete while in insert mode)

                :wq                will save your work,                :q!           will quit without saving

                 exit                  <to leave root and go back to   emcsrv>

See A43345 for a similar solution on Windows and A54180 for similar information on UNIX
Legacy Article IDa44221