Troubleshooting an update issue with an RSA Authentication Manager 8.x Web Tier deployment
Originally Published: 2016-04-27
Article Number
Applies To
RSA Product/Service Type: RSA Authentication Manager
RSA Version/Condition: 8.x
Issue
Updating in progress
Tasks
- Check name resolution on the web tier and Authentication Manager instances using the nslookup command. An administrator is checking whether the fully qualified hostname of all Authentication Manager and web tier instances can be resolved successfully. For example:
[root@rh6-webtier-01 ~]# nslookup am81p.corp.net Server: 192.168.2.105 Address: 192.168.2.105#53 Name: am81p.corp.net Address: 192.168.2.150 [root@rh6-webtier-01 ~]#
- Check on the web tier instance for the presence of a listener on port 443/tcp, for example:
[root@rh6-webtier-01 ~]# netstat -ano | grep 443 tcp 0 0 192.168.100.150:443 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 127.0.0.1:443 0.0.0.0:* LISTEN off (0.00/0/0) [root@rh6-webtier-01 ~]#
- Check on the Authentication Manager instance for the presence of a listener on port 7022/tcp; for example:
rsaadmin@am81p:~> netstat -ano | grep 7022 tcp 0 0 ::1:7022 :::* LISTEN off (0.00/0/0) tcp 0 0 127.0.0.1:7022 :::* LISTEN off (0.00/0/0) tcp 0 0 fe80::250:56ff:fe0:7022 :::* LISTEN off (0.00/0/0) tcp 0 0 192.168.2.150:7022 :::* LISTEN off (0.00/0/0) tcp 0 0 127.0.0.2:7022 :::* LISTEN off (0.00/0/0)
- Check that the web tier instance can communicate to the 7022/tcp listener on the preferred Authentication Manager instance, using the command openssl s_client -connect <Authentication Manager IP Address>:7022 on web tier deployments where the host operating system is Red Hat Enterprise Linux, where <Authentication Manager IP Address> is the IP address of the Authentication Manager instance.
Resolution
In the instances below, [WTHOME] is where administrator installed the Authentication Manager web tier software. By default this folder is /opt/RSASecurity/RSAAuthenticationManagerWebtier.
- All the files found in the [WTHOME]/appserver/logs folder.
- The imsTrace.log file found in the [WTHOME]/webtierBootstrapper/n.n.n.n.n/logs folder (where n.n.n.n.n represents the latest patch version; for example, 8.1.1.4.0 represents Authentication Manager 8.1 Service Pack 1 patch 4).
- All the *.log files from the [WTHOME]/server/logs folder.
- All the *.log files from the [WTHOME]/server/servers/AdminServer/logs folder.
- All the *.log files from the [WTHOME]/server/servers/AdminServer/data/ldap/log folder.
IMPORTANT: RSA Customer Support will require the password used to protect the zip file in either verbal communication or another email (where an email was used to send the zip file). Alternatively, the zip file can be uploaded to the RSA secure site using the RSA knowledge article How to upload files onto RSA Secure FTP (SFTP) site for review by Customer Support where the password is placed in the comments field.
Related Articles
Fortigate SSL VPN Timeout Issue with Approve/Biometrics Number of Views AFX Server remains in a 'Not running' State with 'An issue with handling encryption was encountered' error on startup in R… Number of Views Urgent Notice: Issue with Embedded IDR Image Downloads Number of Views “An issue with handling encryption was encountered" with IBM JDK 1.8.0_281 and later in RSA Identity Governance & Lifecycle Number of Views Using tcpdump to troubleshoot authentication issues with RSA Authentication Manager 8.x Number of Views
Trending Articles
An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x RSA Authentication Manager 8.9 Release Notes (January 2026) RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.8 Setup and Configuration Guide Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide
Don't see what you're looking for?
