A Firewall is blocking Remote AFX Agents and Remote Collection Agents from communicating with the Application Server in RSA Identity Governance & Lifecycle
Originally Published: 2020-08-14
Article Number
Applies To
RSA Version/Condition: 6.9.1, 7.0.x, 7.1.x
Issue
Cause
RSA Identity Governance & Lifecycle Root (Server) and Client Certificates are not compliant with the RFC-5280 standard. As a result, firewalls may block communication with Remote AFX Agents and Remote Collection Agents.
Resolution
- Upgrade to RSA Identity Governance & Lifecycle 7.2.0.
- Regenerate the server and client certificates as instructed in RSA Knowledge Base Article 000038314 -- How to Update the Root (Server) and Client Certificates in RSA Identity Governance & Lifecycle.
Workaround
Related Articles
AFX Server fails to start in RSA Identity Governance & Lifecycle Number of Views How to recover the Application and AFX after an unexpected database failure in RSA Identity Governance & Lifecycle Number of Views Troubleshooting AFX Server issues in RSA Identity Governance & Lifecycle Number of Views Entitlements manually added when an Application has 'Complete Manual Activity Before Collection' enabled do not show in th… Number of Views Remote AFX Server fails to start with an SSLHandshakeException error in RSA Identity Governance & Lifecycle Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory Mandatory Certificate Upgrade Required by 6th October 2025 for RSA MFA Agent for PAM, RSA MFA Agent for Apache, and Third … RSA Authentication Manager 8.9 Release Notes (January 2026)
Don't see what you're looking for?
