The A2A client 'Connection Status' PAM shows as yellow inhibiting users from running scripts from the client server(s) in this state. Stopping and starting the client sometimes helps.
During this time the following may be observed from the A2A client log (Credentials > Manage A2A > Clients > <select the client> > Get Logs):
WARNING: Fri May 18 10:17:41.515 EDT 2018 CSPMService::doPost. Failed to process event: UNKNOWN, exception: null
[Fatal Error] :1:1: Content is not allowed in prolog.
org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 1; Content is not allowed in prolog.
Release: 4.1.X
Component: CAPAMX
First make sure that 28088 & 28888 ports are open.
Try updating the key:
Credentials > Manage A2A > Clients > <double click your client> > Change Key
If that does not work, clear the client cache file:
1) Stop the client:
$CSPM_CLIENT_HOME/cspmclient/bin/cspmclientd stop
2) Delete the following if it exists:
$CSPM_CLIENT_HOME/cspmclient/config/data/.cspmclient.dat
3) Deactivate A2A in the device: Devices > Manage Devices > <select your device> > Unselect 'Active'
4) Start the client: cspmclientd start
5) Activate A2A in the device
Confirm DNSlookup. Issue also seen where DNSlookup has a primary IP and 15 other IP addresses. Once registered again the IP was changed to a secondary IP which redirected through DNS properly and allowed A2a to connect. Connection Status green.
Change \A2a Auth mappings in PAM UI as needed.