Endpoint can not be added with timeout error.

book

Article ID: 39348

calendar_today

Updated On:

Products

CA Virtual Privilege Manager CA Privileged Identity Management Endpoint (PIM) CA Privileged Access Manager (PAM)

Issue/Introduction

Symptom:

PIM is installed on Linux machine.  When try to add this linux endpoint in ENTM web portal with use enhanced functionality checked, endpoint can not be added with result returned until timeout error.

 

Environment:

ENTM: 12.8 (windows)
PIM: 12.8  (linux)

  

Cause:

Jboss error log indicate PIM is unable to communicate with ENTM server.

ERROR: Failed to connect to the Distribution Server ssl://172.31.1.215:7243, rv = 6 : Security exception.

This is common error when there is communication password mismatch between PIM and ENTM server.


Resolution:

1. sechkey -t -pwd (communication password when installed ENTM) in endpoint.
2. restart controlminder in endpoint.

If communication password is lost or forgotten.

1. select SSH device not Access Control for PUPM when add endpoint in ENTM web portal.
2. do not check use enhanced functionality.

  

Additional Information:

Installation process will ask for communication password when install PIM. When it is set correctly new installed PIM will be registered to ENTM server and endpoint will be added automatically.


Set up ENTM and PIM in the lab with different communication password. Tried to add endpoint like customer get the same symptom and customer with timeout error.

Endpoint is auto registered right after change communication password with sechkey -t -pwd.

Below is the reference for sechkey Utility:
https://docops.ca.com/ca-controlminder/12-8/EN/reference/reference-guide/sechkey-utility/sechkey-utility-change-the-message-queue-password

Environment

Release: ACP1M005900-12.8-Privileged Identity Manager
Component: