Hi Folks,
We've done dozens of web agent installations before for our web infrastructure throughout the years. We are now beginning to move toward the AWS cloud infrastructure and I am doing a POC. We have an Amazon image of a Linux VM server and I installed Apache 2.4.27 and attempting to install/configure the R12.52 SP1 CR05 SiteMinder web agent to talk to our on premise SiteMinder policy server. Everything seemed to be gong well, but when I start up Apache, I get an error:
[30/Aug/2017:18:16:12] [Error] SiteMinder Agent
Sm_AgentApi_Init Failed.
ff ff ff ff
[30/Aug/2017:18:16:12] [Error] SiteMinder Agent
Failed to initialize the configuration manager.
LLAWP unable to get configuration, exiting.
Before starting this, we opened firewall rules between the AWS apache server host name (ip-10-48-29-137) and our on-prem policy server for ports: 44441/44442/44443. When the Apache server starts up, I see the following entries in the smtracedefault.log file, which tells me that there is communication between PS to the AWS apache web agent:
[08/30/2017][12:22:25][3906607984][][CServer.cpp:1869][CAgentMessageHandler::HandleInput][][][][][][][][Enqueuing a High Priority Message, from IP 10.48.29.137 with Port No 57646. Current count is 1]
[08/30/2017][12:22:25][4126894960][][CServer.cpp:1428][ThreadPool::Run][][][][][][][][Dequeuing a High Priority message, from IP 10.48.29.137 with Port No 57646. Current count is 0]
[08/30/2017][12:22:25][4126894960][][CServer.cpp:2126][CAgentMessageHandler::DoWork][][][][][][][][New connection attempt from client host]
[08/30/2017][12:22:25][4126894960][][CServer.cpp:1910][GetSecretFunc][][][][][][][][Getting current secret for the Agent ip-10-48-29-137]
[08/30/2017][12:22:25][4126894960][][SmObjCache.cpp:773][CSmObjCache::Lookup][][][][][][][][Look up a cached object.]
[08/30/2017][12:22:25][4126894960][][CServer.cpp:1985][GetSecretFunc][][][][][][][][Marking the shared secret as used for the Agent ip-10-48-29-137]
[08/30/2017][12:22:25][3608890224][][SmObjCache.cpp:824][CSmObjCache::Fetch][][][][][][][][Retrieve an object from the object cache.]
[08/30/2017][12:22:25][3608890224][][SmObjCache.cpp:824][CSmObjCache::Fetch][][][][][][][][Retrieve an object from the object cache.]
One thing that I noticed difference in the smtracedefault.log file is that when this AWS apache server starts up, the smtracedefault.log file does not show entries of the "Fetching AgentKey", but when one of our on-prem Apache web servers starts up, we see the same log entries as the AWS server, but we also see the following entries regarding AgentKey:
[08/30/2017][12:22:25][3906607984][][CServer.cpp:1869][CAgentMessageHandler::HandleInput][][][][][][][][Enqueuing a High Priority Message, from IP 10.48.29.137 with Port No 57646. Current count is 1]
[08/30/2017][12:22:25][4126894960][][CServer.cpp:1428][ThreadPool::Run][][][][][][][][Dequeuing a High Priority message, from IP 10.48.29.137 with Port No 57646. Current count is 0]
[08/30/2017][12:22:25][4126894960][][CServer.cpp:2126][CAgentMessageHandler::DoWork][][][][][][][][New connection attempt from client host]
[08/30/2017][12:22:25][4126894960][][CServer.cpp:1910][GetSecretFunc][][][][][][][][Getting current secret for the Agent ip-10-48-29-137]
[08/30/2017][12:22:25][4126894960][][SmObjCache.cpp:773][CSmObjCache::Lookup][][][][][][][][Look up a cached object.]
[08/30/2017][12:22:25][4126894960][][CServer.cpp:1985][GetSecretFunc][][][][][][][][Marking the shared secret as used for the Agent ip-10-48-29-137]
[08/30/2017][12:22:25][3608890224][][SmObjCache.cpp:824][CSmObjCache::Fetch][][][][][][][][Retrieve an object from the object cache.]
[08/30/2017][12:22:25][3608890224][][SmObjCache.cpp:824][CSmObjCache::Fetch][][][][][][][][Retrieve an object from the object cache.]
We had been troubleshooting this for several days now and would much appreciate any insights that the community can provide for us to find the root cause of this issue.
CA support case# 00829998
Thanks in advance!
Duc Tran.