|Applies To||Authentication Manager SDK 7.1|
Redhat Linux Advanced Server 5
|Issue||Resolve SDK client not starting SSL when connecting to Authentication Manager|
Exception in thread "main" com.rsa.common.SystemException: Command target (CommandAPIConnection) initialization failure
javax.naming.CommunicationException [Root exception is java.net.ConnectException: t3s://server.lab.test.com:7002: Destination unreachable; nested exception is:
Network trace shows TCP connection only (no SSL). Eventually (more than a minute later for example) data send attempted but by then Authentication Manager has timed out the connection.
|Cause||This can occur to a lack of required entropy in /dev/random for the SSL cryptographic functions. Using strace will show incomplete read attempts from /dev/random.|
|Resolution||Ensure adequate usage of the server so that the entropy pool does not become exhausted. However, if that is not possible, the best workaround is to change the implementation of /dev/random to a pseudorandom source (as used in /dev/urandom). You can do this by using|
mknod -m 0644 /dev/random c 1 9
Reference: man -S4 random.
|Notes||This scenario is most likely to occur when using a server for the SDK client (no connected keyboard/mouse) as much of the entropy generation is based on activity from these input devices.|
|Legacy Article ID||a49386|