000030220 - Agent log file shows CT_REPLY_PARSE_ERROR after updating servers to RSA Access Manager 6.2.2 (SP2) or later

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000030220
Applies ToRSA Product Set: ClearTrust
RSA Product/Service Type: Access Manager
RSA Version/Condition: 6.2
Platform: Linux
Platform (Other):
O/S Version:
Product Name: RSA-0010020
Product Description: Access Manager
IssueAfter upgrading the RSA Access Manager servers to 6.2.2 (SP2) or later the RSA Access Manager Agent logs the following message at CRITICAL log level 
2015-04-23 15:45:33 -0700 - [3972] - <Critical> - Error creating Runtime API connection: request to 192.168.206.133:5608 failed [CT_REPLY_PARSE_ERROR]
CauseOlder RSA Access Manager Agents are not compatible with RSA Access Manager 6.2.2 (SP2) servers due to a difference in the way the agents parse the aserver list returned by the dispatcher. 
The 4.6, 4.7 and 4.8 Agents are no longer supported and do not work with current RSA Access Manager server versions.   Older runtmeAPI clients or agents using the java runtimeAPI may still work.
ResolutionUpgrade to a supported Agent version.
WorkaroundYou can work around this issue by having the agents connect directly to the aserver and not use the dispatcher.  The incompatibility appears to be just with the ability of the agents to receive the aserver list from the dispatcher.   

 

Comment out this line:

 

#cleartrust.agent.dispatcher_list=localhost:5608

 

And then list the aservers that you wish to use for the legacy agents specifically on the aserver list. 

 

cleartrust.agent.auth_server_list=192.168.1.1:5615:,192.168.1.2:5615

Attachments

    Outcomes