Unix agent cannot connect to the Automation Engine | U02000313 Communication error with partner '*SERVER', error: ''.
Article ID: 235624
Updated On:
Products
CA Automic Workload Automation - Automation Engine
Issue/Introduction
Th Unix agent is started and immediately stops.
U02000379 Initiating connection to server 'UC4' using WebSocket URI: 'AE_Server:8443/agent'.
U02000377 Certificate loaded from file '/etc/pki/tls/certs/ca-bundle.crt'.
U02000378 Loading certificates from directory: '/home/uc4adm/Agents/certs/'.
U02000377 Certificate loaded from file '/home/uc4adm/Agents/certs/certificate.crt'.
U02000398 Loading certificates from the directory './security' that is specified in the parameter'AgentSecurityFolder'.\
U02000377 Certificate loaded from file './security/Agent_Name.pem'.
U02000313 Communication error with partner '*SERVER', error: ''.
U02000010 Connection to Server 'UC4/IP address:8443' terminated.
U02000074 Connecting to system 'UC4' is not possible.The trace file shows the following entries:
MAIN-THREAD on_ssl_handshake(name=*SERVER,ec=certificate verify failed) -->
MAIN-THREAD interface_error(name=*SERVER,host=Server_Name,error=exception(nr=2000313,msginsert=*SERVER,errno=11923247) -->
MAIN-THREAD on_ssl_handshake <-- (handshake error)Environment
Release : 21.0
Component : AUTOMATION ENGINE
Cause
Configuration.
Resolution
The certificate in the trustedCertFolder= only contained the header and not the full certificate chain. The certificate chain can be exported with a graphical tool called Keystore Explorer. The screenshots below explain the process.
Right click on the key pair --> Export --> Export Certificate Chain
As Export Length choose Entire Chain and save the certificate (.crt).
This certificate can then be used on additional Automic components (i.e. agents) to connect to the Automation Engine using TLS.
The parameter to specify the certificate is called: trustedCertFolder=
Additional Information
Feedback
Yes
No
Powered by
