Layer7 API Gateway: smreghost exited with nonzero status
Article ID: 126355
Updated On:
Products
Issue/Introduction
When trying to register the gateway to CA SSO Policy Server, we get the following error dialog box.
Steps followed:
Configure System Property for CA Single Sign-On
Before you start using CA Single Sign-On, configure the following system property first.
To configure the system property for CA Single Sign-On:
1. Open a privileged shell.
2. Locate and open the following file in a text editor:
/opt/SecureSpan/Gateway/node/default/etc/conf/system.properties
3. Add the following line:
org.apache.tomcat.util.http.ServerCookie.ALLOW_EQUALS_IN_VALUE = true
4. Save and exit the file.
5. Restart the Gateway.
Environment
SSO Policy Server 12.51 Sp1 FIPS mod (mode or version does not matter)
Cause
The network conversation between the APIM GW IP:xxx.xxx.xxx.xxx:44442 to SSO Policy server yyy.yyy.yyy.yyy:44442 - is not able to be established on port 44442
RST
No. Time Source Source Port Destination Destination Port Protocol Length Info
34 2019/036 15:19:24.592370 xxx.xxx.xxx.xxx 58295 yyy.yyy.yyy.yyy 44442 TCP 66 58295 → 44442 [SYN] Seq=0 Win=14600 Len=0 MSS=1460 SACK_PERM=1 WS=512
35 2019/036 15:19:24.592677 yyy.yyy.yyy.yyy 44442 xxx.xxx.xxx.xxx 58295 TCP 60 44442 → 58295 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0
Resolution
When registering the "CA Single Sign-On Registration Properties", you can explicitly specify the port number used by the policy server.
In this case, only port 44441 was used - see below:
NOTE: After registration is complete, you may need to make changes to the following parameters:
server.0.0.accounting.port
server.0.0.authentication.port
server.0.0.authorization.port
Example:
Feedback
