Unable to start Apache after installing RSA Authentication Agent 7.1 for Web for Apache 2.2.x on RHEL 5 64-bit: Error while loading shared libraries: libaceclnt.so: cannot open shared object file: No such file or directory
Originally Published: 2013-01-24
Article Number
Applies To
RSA Product/Service Type: Authentication Agent for Web for Apache
RSA Version/Condition: 7.1
Platform: Red Hat
O/S Version: 5
Issue
Unable to start apache after installing agent, "error while loading shared libraries: libaceclnt.so: cannot open shared object file: No such file or directory
The following errors appear in the /etc/httpd/logs/error_log:
Thu Jan 24 15:51:11 2013] [notice] caught SIGTERM, shutting down
rpc_server 18165 started by 18154
AceShutdown try to kill process 18165
acestatus: error while loading shared libraries: libaceclnt.so: cannot open shared object file: No such file or directory
rpc_server 20358 started by 20348
RSALogoffCookieService: error while loading shared libraries: libaceclnt.so: cannot open shared object file: No such file or directory
[Thu Jan 24 15:51:20 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
start child 20359
Cause
As documented by RSA:
Apache versions refer to distributions available on www.apache.org. Prepackaged Apache modules available from other sources or vendors can result in incorrect behavior or missing functionality in the RSA agent.
In this particular use case, the $APACHEHOME is /etc/httpd; therefore when installing the agent, the agent will install to /etc/httpd/rsawebagent.
The Authentication Agent for Web for Apache expects to find the lib and bin directories (and their contents) a subordinate to $APACHEHOME; i. e., /etc/httpd/lib and /etc/httpd/bin respectively. In the use case of the precompiled rpm from Red Hat, it is not. The httpd executable for the rpm version from Red Hat is /usr/sbin, not /usr/local/apache (if --prefix=/usr/local/apache was used when apache was compiled from source), and when looking at an ldd /usr/sbin/httpd, it will search /lib64 and /usr/lib64, thusly be unable to locate or execute calls to libaceclnt.so.
Resolution
In instances where you must use the Apache rpm that is bundled with Red Hat, the following workaround may be used, noting that there may be other issues as the agent was not qualified with the 2.2.3 rpm version from Red Hat after the agent is installed:
As root, create a symbolic link to the libaceclnt.so in the /lib64 directory:
cd /lib64 ln -s /etc/httpd/rsawebagent/libaceclnt.so libaceclnt.so
To view the link:
ls -al libaceclnt.so lrwxrwxrwx 1 root root 36 Jan 24 15:52 libaceclnt.so - /etc/httpd/rsawebagent/libaceclnt.so
See:000016606 - RH Apache Web Agent - error '103: Response to new PIN Request took too long' exception in new pin mode
Related Articles
Apache 2.x fails to start after configuring the RSA Authentication Agent 8.0 for Web for Apache Number of Views RSA Identity Governance & Lifecycle requests stuck in an open state due to datafile resizing Number of Views How to close Open Violations for inactive Segregation of Duties (SoD) and User Access Rules in RSA Identity Governance & L… Number of Views Installing rsaservmgr scripts [exec] error reading information on service rsaservmgr error when installing RSA Web Tier o… Number of Views New PIN Mode and Next Tokencode Mode not working from the web pages using RSA Authentication Agent for Web for Apache on R… Number of Views
Trending Articles
Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Governance & Lifecycle 8.0.0 Administrators Guide RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
