RSA Authentication Manager SDK 8.5 (for Java) failed on startup with a "CRED_MISMATCH" error.
The error message below is reported in the output.
Can't create api: com.rsa.authagent.authapi.AuthAgentException: Error in initial AuthnReq/Rsp for serverTime.Error in processing Authn request: connect exception processing key negotiation request: com.rsa.authmgr.commonagent.h: Key negotiation exchange failed. Server response was CRED_MISMATCH
com.rsa.authagent.authapi.AuthAgentException: com.rsa.authagent.authapi.AuthAgentException: Error in initial AuthnReq/Rsp for serverTime.Error in processing Authn request: connect exception processing key negotiation request: com.rsa.authmgr.commonagent.h: Key negotiation exchange failed. Server response was CRED_MISMATCH
at com.rsa.authagent.authapi.AuthSessionFactory.a(AuthSessionFactory.java)
at com.rsa.authagent.authapi.AuthSessionFactory.getInstance(AuthSessionFactory.java)
at AuthUser.<init>(AuthUser.java:32)
at AuthUser.main(AuthUser.java:62)
The API log reports the error message below.
[2015-12-03 16:50:30,241] INFO main - staring key negotiation. Connection: ServerConnection [ serviceType=MSGKEY, serviceURL=http://192.168.56.100:5500/Services/MessageKeyService, conn=null]
[2015-12-03 16:50:30,389] ERROR main - Error in processing Authn request: connect exception processing key negotiation request: com.rsa.authmgr.commonagent.h: Key negotiation exchange failed. Server response was CRED_MISMATCH
[2015-12-03 16:50:30,389] ERROR main - Error in initial AuthnReq/Rsp for serverTime.Error in processing Authn request: connect exception processing key negotiation request: com.rsa.authmgr.commonagent.h: Key negotiation exchange failed. Server response was CRED_MISMATCH
The issue occurs because the agent name presented by the agent machine does not match the agent record name on the Authentication Manager (AM) server.
There are two options to resolve it.
Option 1
- Comment out "RSA_AGENT_NAME" in the rsa_api.properties file (when this line is commented out, the Agent SDK uses its hostname as the agent name).
- In the Security Console, modify that agent record and change its name to the hostname of the agent machine.
For example: if the agent machine's hostname is "agentA.emc.lab", then you need to change the agent name in the Security Console to "agentA.emc.lab".
Option 2
- Uncomment "RSA_AGENT_NAME" and give it a value in the rsa_api.properties file.
- In the Security Console, give the same name to that agent record.
For example: if you set "RSA_AGENT_NAME" in rsa_api.properties to "AgentA", then you need to set the agent record name in the Security Console to "AgentA" as well.
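To see which of the two options an agent machine is actually using, and whether the resulting name matches the agent record, the check below can be run on the agent machine. It is an added example, not RSA's code or part of the original article; the function names, the constructed sample file contents, the treatment of an empty value as unset, and the use of the OS hostname as a stand-in for what the SDK resolves are assumptions.

```python
import re
import socket

# Constructed samples of rsa_api.properties content (not from a real install).
SAMPLE_COMMENTED = "# constructed sample\n#RSA_AGENT_NAME=AgentA\n"
SAMPLE_SET = "# constructed sample\nRSA_AGENT_NAME = AgentA\n"


def read_agent_name(properties_text):
    """Return the active RSA_AGENT_NAME value, or None if commented out or absent."""
    value = None
    for raw in properties_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":  # '#' and '!' start comments in .properties
            continue
        m = re.match(r"([^=:\s]+)\s*[=:]?\s*(.*)$", line)
        if m and m.group(1) == "RSA_AGENT_NAME":
            value = m.group(2).strip() or None  # assumption: empty value == unset
    return value


def effective_agent_name(properties_text, hostname=None):
    """Name the agent will present, per the two options: the property, else the hostname."""
    name = read_agent_name(properties_text)
    if name:
        return name, "RSA_AGENT_NAME"
    # Assumption: socket.gethostname() matches the hostname the SDK resolves.
    return hostname or socket.gethostname(), "hostname"


def check(properties_text, console_name, hostname=None):
    """Compare the effective agent name with the Security Console agent record name."""
    name, source = effective_agent_name(properties_text, hostname)
    if name == console_name:
        verdict = "MATCH"
    elif name.lower() == console_name.lower():
        verdict = "CASE_DIFFERS"  # reported separately; fix it rather than rely on it
    else:
        verdict = "MISMATCH"
    return verdict, name, source


if __name__ == "__main__":
    # Console record name is typed in by the operator; "AgentA" is the page's example.
    print(check(SAMPLE_SET, "AgentA"))
```

Pass the real file contents and the agent record name copied from the Security Console; a result other than MATCH points at the name to correct before retrying the SDK startup.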