This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.

Request Entity Too Large error when upgrading from RSA Authentication Manager 8.3 patch 6 to 8.4

Article Number

000037805

Applies To

RSA Product Set:  SecurID
RSA Product/Service Type:  Authentication Manager 
RSA Version/Condition:  8.3.0.4, 8.3.0.6

Issue

According to the documentation, if you're upgrading RSA Authentication Manager from 8.3 to 8.4 while using the browser as the update source, you have to first upgrade to 8.3 patch 4 or patch 6 to be able to continue upgrading to 8.4. 

However, even with the patch installed when trying to apply the 8.4 update, the following error is received:

Error 413--Request Entity Too Large

Image descriptionImage description

Cause

The maximum upload size allowed by the Operations Console is 2GB by default, while the RSA Authentication Manager 8.4 upgrade ISO is 3GB+.   The RSA Authentication Manager 8.3 patch 4/patch 6 upgrade increases the upload size temporarily to 4GB. However, sometimes this change is reverted prior to applying the 8.4 update. 

Resolution

To resolve the error, use another update source other than the local browser. 
  1. Login to the Operations Console
  2. Navigate to Maintenance > Update & Rollback.
  3. Click Configure Update Source.
  4. Select another update source from the available options (NFS, Windows Share, DVD/CD)
  5. According to the selected update source if additional configuration is needed, add them.
  6. Click Save.

Workaround

Edit the configuration files to allow 4GB upload size instead of 2GB. 
  1. Launch an SSH client, such as PuTTY.
  2. Login to the primary Authentication Manager server as rsaadmin and enter the operating system password.

Note that during Quick Setup another user name may have been selected. Use that user name to login.

  1. Navigate to /opt/rsa/am/server/config/.
  2. Take a backup of the configuration file:
cp /opt/rsa/am/server/config/config.xml /opt/rsa/am/server/config/config.xml.bak
  1. Open the config.xml using a text editor like vim:
vim /opt/rsa/am/server/config/config.xml
  1. Find the entry for <max-post-size>, shown in bold below:
<web-server>
  <name>AdminServer</name>
  <web-server-log>
    <name>AdminServer</name>
    <file-name>../../logs/AdminServer_access.log</file-name>
    <rotation-type>bySize</rotation-type>
    <file-count>5</file-count>
    <file-min-size>5120</file-min-size>
    <elf-fields>c-ip date time time-taken cs-method cs-uri sc-status bytes</elf-fields>
    <log-file-format>extended</log-file-format>
  </web-server-log>
  <post-timeout-secs>15</post-timeout-secs>
  <max-post-time-secs>3600</max-post-time-secs>
  <max-post-size>2000000000</max-post-size>
</web-server>
  1. Press i to enter Insert mode.
  2. Edit the <max-post-size> value to be 4000000000, instead of 2000000000:
<web-server>
  <name>AdminServer</name>
  <web-server-log>
    <name>AdminServer</name>
    <file-name>../../logs/AdminServer_access.log</file-name>
    <rotation-type>bySize</rotation-type>
    <file-count>5</file-count>
    <file-min-size>5120</file-min-size>
    <elf-fields>c-ip date time time-taken cs-method cs-uri sc-status bytes</elf-fields>
    <log-file-format>extended</log-file-format>
  </web-server-log>
  <post-timeout-secs>15</post-timeout-secs>
  <max-post-time-secs>3600</max-post-time-secs>
  <max-post-size>4000000000</max-post-size>
</web-server>
  1. Press Esc to exit from Insert mode
  2. Type :wq! and press Enter to save and exit.
  3. Take a backup of AdminServerWrapper.conf
cp /opt/rsa/am/server/wrapper/AdminServerWrapper.conf /opt/rsa/am/server/wrapper/AdminServerWrapper.conf.bak
  1. Open AdminServerWrapper.conf using a text editor like vim:
vim /opt/rsa/am/server/wrapper/AdminServerWrapper.conf
  1. Press <i> to enter Insert mode.
  2. Add the following to the end of the file:
wrapper.java.additional.52=-Dweblogic.configuration.schemaValidationEnabled=false

The number 52 is a unique number to the additional configuration rule. It might need to be changed according to your version.

  1. Press <Esc> to exit Insert mode.
  2. Type :wq! and hit Enter to save and exit.
  3. Restart the Authentication Manager services for the changes to take effect:
/opt/rsa/am/server/rsaserv restart all
  1. Apply the update normally from your browser.

These changes are temporary. After upgrading to RSA Authentication Manager 8.4, the changes made above are reverted.

Tags (85)
Was this article helpful? Yes No
100% helpful (2/2)

In this article

Version history
Last update:
‎2020-12-12 08:43 AM
Updated by:
Administrator Administrator

Related Content

© 2023 RSA Security LLC or its affiliates. All rights reserved.