Support recommends reboot when deploying a Web Tier update in Authentication Manager 8.5 and later
Originally Published: 2021-09-09
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.5.0
Platform: Linux
Platform (Other): null
O/S Version: SUSE Linux 12
Product Name: null
Product Description: null
Issue
After several hours, the customer rebooted the Web Tier, at which point it started working correctly. The Web Tier Readme does not say a reboot is required.
The reboot cleared out effective file descriptor limits and set them back to a reasonable level, and that appears to be the difference that prevented the HTTP 404 errors to the Web Tier
Tasks
2. generate new web tier package
3. Install new version of Web Tier software using the Web Tier package
4. Reboot the Web Tier.
Step 4 is not in the Web Tier Readme or manuals. However, Technical Support has been advocating for a reboot to be added to the documentation as it is typically the first fix tried whenever a new Web Tier is not working correctly after update.
Resolution
* different
During Restart
Aug 13, 2021 12:41:25,655 AM CDT> ExecuteThread: '3' for queue:
<System has file descriptor limits of soft: 16,384, hard: 16,384
Aug 13, 2021 12:41:25,655 AM CDT> <Using effective file descriptor limit of: 16,384 open sockets and files.>
During Reboot
Aug 13, 2021 8:21:16,718 AM CDT> ExecuteThread: '2' for queue:
<Using effective file descriptor limit of: 4,096 open sockets and files.>
Aug 13, 2021 8:21:16,718 AM CDT> <Using effective file descriptor limit of: 4,096 open sockets and files.>
We know that under load testing conditions, much more file descriptors are opened which can result in stack issues. We also know that for years Support has been advocating that our documentation call for a reboot of a Web Tier after it is installed. The Reboot clears out all the file descriptors and starts with a fresh limit. This is the difference and this explains what we have seen.
Notes
===AdminServerWrapper.log===
Aug 13, 2021 12:41:24,846 AM CDT> <Network Configuration for Channel "AdminServer"
Listen Address :7030 (SSL)
Aug 13, 2021 12:41:24,855 AM CDT> <Network Configuration for Channel "VirtualHostChannel"
Listen Address https://:443
Public Address https://:443
* different Aug 13, 2021 12:41:25,655 AM CDT> ExecuteThread: '3' for queue:
<System has file descriptor limits of soft: 16,384, hard: 16,384
Aug 13, 2021 12:41:25,655 AM CDT> <Using effective file descriptor limit of: 16,384 open sockets and files.>
Aug 13, 2021 12:41:25,655 AM CDT> <PosixSocketMuxer was built on Apr 24 2007 16:05:00>
Aug 13, 2021 12:41:25,717 AM CDT> <Allocating 3 reader threads.>
<Native I/O enabled.>
Reboot including restart WT services
===AdminServerWrapper.log===
Aug 13, 2021 8:21:15,606 AM CDT> <Network Configuration for Channel "AdminServer"
Listen Address :7030 (SSL)
Aug 13, 2021 8:21:15,610 AM CDT> <Network Configuration for Channel "VirtualHostChannel"
Listen Address https://:443
Public Address https://:443
* different Aug 13, 2021 8:21:16,718 AM CDT> ExecuteThread: '2' for queue:
<Using effective file descriptor limit of: 4,096 open sockets and files.>
Aug 13, 2021 8:21:16,718 AM CDT> <Using effective file descriptor limit of: 4,096 open sockets and files.>
Aug 13, 2021 8:21:16,719 AM CDT> <PosixSocketMuxer was built on Apr 24 2007 16:05:00>
Aug 13, 2021 8:21:16,797 AM CDT> <Allocating 3 reader threads.>
<Native I/O enabled.>
Related Articles
How to address a customer request for Customer Support to perform RSA Web Threat Detection upgrade Number of Views Why do I need to run the SFTP service with a specific user? Number of Views Authentication Manager 8.x upgrade fails with error "Failed to launch the update installer to apply the update" Number of Views How to upload files to RSA Customer Support for analysis Number of Views What you need to do before you add new policies with Session Attributes - Spring Release Migration Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) How to install the jTDS JDBC driver on WildFly for use with Data Collections in RSA Identity Governance & Lifecycle RSA Authentication Manager 8.8 Setup and Configuration Guide Artifacts to gather in RSA Identity Governance & Lifecycle
Don't see what you're looking for?
