Non-TLS Agent not connecting to second TLS Gateway
search cancel

Non-TLS Agent not connecting to second TLS Gateway


Article ID: 241282


Updated On:


CA Automic Workload Automation - Automation Engine


We are working on enabling TLS Gateway for our non-TLS Agents.

We have configured two TLS Gateways on two different servers and enabled the CP function.

When using telnet to connect to each answers

> telnet <server1> 2220
Connected to <server1>
Escape character is '^]'.
00000207UC4:global001NAT A0000151UCTLSGTW.1 AUTOMIC 21...CP 0001<server1>:2220;<server2>:2220^

It responds with the two defined TLS Gateway CP ports.

The agent is configured to connect to :


... and upon start, it takes notice of the other TLS Gateway as well:

20220408/111923.573 -          (CP_LIST)                            
20220408/111923.573 -          2220=<server2>

However, after stopping one of the TLS Gateways:

  • The agent disconnects from the Automation Engine and doesn't try to reconnect via the second TLS gateway
  • Even after restarting the Agent, it fails to connect


Release : 21.0

Component : TLS gateway


The cp_port defined for each TLS Gateway has to be unique in the entire environment because the port is the used as the key.

cp_port=2220 together with 2220=<server2> in the CP list is not understood by the Agent. 


The version 21.0 TLS gateway, when acting like a CP, requires a unique cp_port for each TLS Gateway as long as it's connected to the same Automic system.  Server1 with a TLS Gateway will requires one port, Server2 with a TLS Gateway requires a different port to be used.  This is the same as CP ports in version 12.3 and before and in version 21.0 for the "traditional" CP.