000029340 - Promotion of a replica fails in RSA Authentication Manager 8.1

Document created by RSA Customer Support Employee on Jun 15, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000029340
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: RSA Authentication Manager
RSA Version/Condition: 8.1.5
Platform: SUSE Linux
 
IssuePromotion of a replica fails in RSA Authentication Manager 8.1 in pre-check stage.
The below errors are in Planned-Promotion-Precheck-20141009112817.log:
ERROR: The Operations Console on the primary instance is not reachable to check replication status or reachability with other replica instances. 
ERROR: Could not access HTTP invoker remote service at [https://myprimary_server_host_name. domain_name.com:7072/operations-console/dispatcher/HttpInvokerPlannedPromotion]; nested exception is org.apache.commons.httpclient.ConnectTimeoutException: The host did not accept the connection within timeout of 20000 ms
The below errors are in am/server/logs/ops-console.log: 
@@@2014-10-02 14:36:21,948 ERROR [PlannedPromoteReplicaPrereqCheck] GUILog.traceException(587) | exception: 
com.rsa.ims.operationsconsole.admin.taskmgr.TaskExecutionException: Error in checking primary instance healthy status: 
at com.rsa.ims.operationsconsole.admin.promote.planned.tasks.CheckOriginalPrimaryHealthyTask.execute(CheckOriginalPrimaryHealthyTask.java:160) 
at com.rsa.ims.operationsconsole.admin.taskmgr.TaskManager.executeTasks(TaskManager.java:42) 
at com.rsa.ims.operationsconsole.admin.impl.OCManageReplicationImpl$1PlannedPromotePrereqCheckSiteThread.run(OCManageReplicationImpl.java:1101) 
at java.lang.Thread.run(Thread.java:680) 
Caused by: org.springframework.remoting.RemoteAccessException: Could not access HTTP invoker remote service at [https://ma05ace02.rc4ss.com:7072/operations-console/dispatcher/HttpInvokerPlannedPromotion]; nested exception is org.apache.commons.httpclient.ConnectTimeoutException: The host did not accept the connection within timeout of 20000 ms 
at org 
CauseThe file Planned-Promotion-Precheck-20141009112817.log clearly indicates that the port 7072 is not open between Replica and Primary servers. 
ERROR: The Operations Console on the primary instance is not reachable to check replication status or reachability with other replica instances. 
Promotion activity on a replica, tries to connect to Primary Operations Console and checks the following: 
a.    To verify replication status and reachability 
b.    To make sure that no backup is scheduled at the time of promotion. 
c.    To make sure that no conflicting operations are currently in progress 
ResolutionOpen the port 7072 in addition to other ports described in page 73 of RSA Authentication Manager 8.1 Setup & Configuration Guide.pdf.
Firewall Ports between RSA Authentication Manager 8.1 Primary and Replica

Attachments

    Outcomes