SecurID Authentication API service down on RSA Authentication Manager 8.x
Originally Published: 2021-07-09
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.2.1, 8.3, 8.4, 8.5
Issue
- RSA SecurID Authentication API is enabled per the settings mentioned below, all RSA Authentication manager services are running but the authentication API appears to be down.
- REST API was working before but suddenly stops working. There is no listener on port 5555 on RSA Authentication Manager.
rsaadmin@bharatham85p:~> netstat -an |grep 5555 rsaadmin@bharatham85p:~>
- iptables are good and is 'not' set to DROP port 5555
Cause
The log snipped below is from the biztier.log, located at /opt/rsa/am/server/logs/biztier.log
####<Jul 7, 2021 9:01:01,809 PM UTC> <Error> <Server> <rsaamdevwf1> <biztier> <[ACTIVE] ExecuteThread: '7' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <8bd24d2d-6160-478b-86c2-c756c2500eab-00000015> <1625778061809> <[severity-value: 8] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > <BEA-002606> <The server is unable to create a server socket for listening on channel "AuthnServiceHttpsChannel[1]". The address 0:0:0:0:0:0:0:1%lo might be incorrect or another process is using port 5555: java.io.IOException: Identity certificate has expired:
Resolution
- Generate a new CSR, import the same and activate it. refer Replacing the Console Certificate
- If you have recently updated the AM Primary console cert and facing this issue, REST has a cache of old console cert. To resolve the issue Flush the cache and later Reboot the Appliance
Notes
18627:INFO | jvm 1 | main | 2021/07/08 10:19:22 | <Jul 8, 2021 11:15:19,297 AM EDT> <Notice> <Server> <BBEA-002606> <Channel "AuthnServiceHttpsChannel" is now listening on 192.168.20.152:5555 for protocols https.> where 192.168.20.152 is the IP address of RSA Authentication manager server
Related Articles
Best Practices for backup and restoration of FIM configuration and secrets files Number of Views RSA Governance & Lifecycle Advanced Dashboards Library Release Notes - Revision 2.0 Number of Views Device Settings for Risk-Based Authentication Number of Views How to generate a vettor certificate from a PKCS#10 (CSR) request Number of Views Interoperability between RSA Authentication Agent 7.x for Microsoft Windows and RSA Authentication Agent for Web for IIS Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x
Don't see what you're looking for?
