|Applies To||RSA Certificate Manager 6.8|
Microsoft Windows 2003
ADAM High Availability
Sun One High Availability
|Issue||Revocation List Timers - High Availability not working|
Configured RSA CM 6.8 with external LDAP. RCM is not able to generate CRL automatically when configured through Revocation List Timer - High Availability.
The basic installation (with internal Secure Directory) it works fine.
|Cause||IP address was used to configure Revocation List Timers - High Availability configuration page.|
The host name used to configure primary and/or secondary instance on Revocation List Timers - High Availability configuration page did not match with the host name RSA CM detected internally.
|Resolution||Fully-qualified host name (and not IP), in most cases, should be used when configuring Revocation List Timers - High Availability page. Additionally, the host name configured on admin interface must match with what RCM automatically detects internally. Here are the steps required to configure revocation list timers when high availability is configured:|
1. Configure CRL timers for a CA through System Configuration workbench -> Configure Revocation List Timers
2. Configure the primary instance hostname (FQDN and not IP address) and secure port through System Configuration -> Revocation List Timers - High Availability (see Note below to obtain a tool to determine the hostname RCM detects internally)
3. Restart RCM instances.
|Notes||Contact RSA Customer Support to obtain a tool called "gethostname" (only available for Windows and Solaris platforms). Run gethostname on the command prompt and note the host name shown against "Official name:". For example, here is a sample output:|
gethostname retrieved rsatestbox
Calling gethostbyname with rsatestbox
Official name: rsatestbox.internal.rsa.net
Address type: AF_INET
Address length: 4
IP Address #1: 18.104.22.168
IP Address #2: 192.168.123.123
IP Address #3: 192.168.234.1
IP Address #4: 192.168.345.1
C:\> gethostname ?
to detect local host name
to return the host based on IP
to return the IP addresses for a host
|Legacy Article ID||a46692|