This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.

Internal replication error occurs after AM8.6 upgrades

Article Number

000067912

Applies To

RSA Product Set:  SecurID
RSA Product/Service Type:  Authentication Manager
RSA Version/Condition:  8.6

Issue

If trusted root certificate except default is imported, "Internal Replication Error" occurs after AM8.6 upgrades.
(e.g.)
Image descriptionImage description
 

Cause

Because a duplicate error occurs when trying to replicate a certificate that has already been reflected on the replica side from the primary side again.

Resolution

Removing the trusted root certificate on replica side.

Workaround

1. Upgrade both primary and replica to 8.6.
2. Check the replication, if it failed with the related to trusted root certificate (e.g. cert_RADIUS-Root-Cert.der), then login to the database on each REPLICA, run like this command:

delete from ims_certificates where name='cert_RADIUS-Root-Cert.der' and purpose ='RADIUS_TRUST_CERT' and ref_id ='NULL';

3. Then login to PRIMARY database, run this sql:

update RSA_REP.IMS_INSTANCE set deployed_state='out_of_sync' where is_primary='FALSE';

4. Then you should be able to synch the primary to replica in OC.

Notes

The upgrade from AM8.5 to AM8.6 changes the RADIUS from SBR to FreeRADIUS, and the upgrade kit reflects the imported trusted root certificate on the replica side also during the migration process. After the upgrade is completed then reboots, the replica side already has the imported trusted root certificate, which causes a double error for the trusted root certificate then replication status becomes Internal replication error.
You can see the similar messages into ReplicaReplication.log.
Caused by: org.postgresql.util.PSQLException: ERROR: duplicate key value violates unique constraint "uk_ims_certificates"
Detail: Key (name, purpose, ref_id)=(cert_RADIUS-Root-Cert.der, RADIUS_TRUST_CERT, NULL) already exists.
There is no Migration process from AM8.6 to AM8.7, so even if the trusted root certificate has already been imported, there will be no problem in replication after the upgrade.
Tags (83)
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2022-08-23 07:37 AM
Updated by:
Administrator Administrator

Related Content

© 2023 RSA Security LLC or its affiliates. All rights reserved.