RSA Authentication Manager SDK 8.5 (for Java) failed on startup with a "CRED_MISMATCH" error
Originally Published: 2015-12-04
Article Number
Applies To
RSA Product/Service Type: Authentication Manager SDK / API
RSA Version/Condition: 8.5
Platform: Java
Issue
The error message below is reported in the output.
Can't create api: com.rsa.authagent.authapi.AuthAgentException: Error in initial AuthnReq/Rsp for serverTime.Error in processing Authn request: connect exception processing key negotiation request: com.rsa.authmgr.commonagent.h: Key negotiation exchange failed. Server response was CRED_MISMATCH
com.rsa.authagent.authapi.AuthAgentException: com.rsa.authagent.authapi.AuthAgentException: Error in initial AuthnReq/Rsp for serverTime.Error in processing Authn request: connect exception processing key negotiation request: com.rsa.authmgr.commonagent.h: Key negotiation exchange failed. Server response was CRED_MISMATCH
at com.rsa.authagent.authapi.AuthSessionFactory.a(AuthSessionFactory.java)
at com.rsa.authagent.authapi.AuthSessionFactory.getInstance(AuthSessionFactory.java)
at AuthUser.<init>(AuthUser.java:32)
at AuthUser.main(AuthUser.java:62)
com.rsa.authagent.authapi.AuthAgentException: com.rsa.authagent.authapi.AuthAgentException: Error in initial AuthnReq/Rsp for serverTime.Error in processing Authn request: connect exception processing key negotiation request: com.rsa.authmgr.commonagent.h: Key negotiation exchange failed. Server response was CRED_MISMATCH
at com.rsa.authagent.authapi.AuthSessionFactory.a(AuthSessionFactory.java)
at com.rsa.authagent.authapi.AuthSessionFactory.getInstance(AuthSessionFactory.java)
at AuthUser.<init>(AuthUser.java:32)
at AuthUser.main(AuthUser.java:62)
The API log reports the error message below.
[2015-12-03 16:50:30,241] INFO main - staring key negotiation. Connection: ServerConnection [ serviceType=MSGKEY, serviceURL=http://192.168.56.100:5500/Services/MessageKeyService, conn=null]
[2015-12-03 16:50:30,389] ERROR main - Error in processing Authn request: connect exception processing key negotiation request: com.rsa.authmgr.commonagent.h: Key negotiation exchange failed. Server response was CRED_MISMATCH
[2015-12-03 16:50:30,389] ERROR main - Error in initial AuthnReq/Rsp for serverTime.Error in processing Authn request: connect exception processing key negotiation request: com.rsa.authmgr.commonagent.h: Key negotiation exchange failed. Server response was CRED_MISMATCH
[2015-12-03 16:50:30,389] ERROR main - Error in processing Authn request: connect exception processing key negotiation request: com.rsa.authmgr.commonagent.h: Key negotiation exchange failed. Server response was CRED_MISMATCH
[2015-12-03 16:50:30,389] ERROR main - Error in initial AuthnReq/Rsp for serverTime.Error in processing Authn request: connect exception processing key negotiation request: com.rsa.authmgr.commonagent.h: Key negotiation exchange failed. Server response was CRED_MISMATCH
Resolution
To resolve it, there are two options that can be performed.
Option 1
- Comment "RSA_AGENT_NAME" in the rsa_api.properties file (when this line was commented out Agent SDK will use it's hostaname as the agent name).
- In Security Console, modify that agent record and change its name to the hostname of the agent machine.
For example: if the Agent machine's hostname is "agentA.emc.lab" then you need to change the agent name in security console to "agentA.emc.lab" instead.
Options 2
Uncomment and give a value to "RSA_AGENT_NAME" in rsa_api.properties file. Then, in Security Console give the same name to that agent record.
For example: You give the value of "RSA_AGENT_NAME" in rsa_api.properties as "AgentA", then, in Security Console, you need to set the agent record name to: "AgentA" as well.
Related Articles
Error "Key negotiation exchange failed. Server response was CRED_MISMATCH" with RSA Authentication Agent SDK 8.6 for Java Number of Views How to configure WildFly Clustering Number of Views Using the Authentication Manager SDK to search for users or groups in All Identity Sources Number of Views Microsoft Exchange 2010 AFX Connector Enable-mailbox command fails with 'Value cannot be null' in RSA Identity Governance … Number of Views How to retrieve content files - Client Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
