IBM 51 manual Tivoli Common Agent Services messages

BTC1048E The common agent failed to renew its

certificate revocation list.

Explanation: The common agent failed to renew its certificate revocation list with the certificate authority of the agent manager. One of the following reasons might be the cause of the failure:

vThe certificate revocation list port of the agent manager cannot be reached, either because the agent manager is not active, an error exists in the network configuration, or the service location information stored in the common agent properties file is incorrect.

vAn error occurred on the agent manager while constructing a new certificate revocation list.

System action: The common agent will continue to run with its existing certificate revocation list. However, various components, for example, resource managers with revoked certificates will be able to successfully contact the common agent and invoke operations on the common agent.

Administrator Response: Attempt to determine if the certificate revocation list renewal failed because the common agent was not able to reach the certificate revocation list port of the agent manager. Check the traceAgent.log file for exceptions and messages.

If the log indicates that the common agent was not able to contact the certificate revocation list port of the agent manager, do the following:

vMake sure the agent manager is up and running.

vMake sure the location information stored in the common agent properties file is correct.

vMake sure the agent manager can be reached from the common agent using the host name specified in the common agent properties file.

vMake another attempt to renew the certificate revocation list.

If the log indicates that a problem occurred on the agent manager, check the agent manager log file for associated exceptions and error messages. If the problem persists, contact customer support.

BTC1049E The common agent failed to reset its GUID and security credentials.

Explanation: The common agent failed to reset its operating system GUID and register for a new certificate. This message appears if one of the following conditions is met:

vAn error occurred while resetting the operating system GUID.

vThe registration port of the agent manager could not be reached because either the agent manager is not active, an error exists involving network

configuration, or the service location information stored in the common agent properties file is incorrect.

vThe common agent does not trust the agent manager certificate authority because the current certificate used by the agent manager certificate authority does not exist in the common agent truststore.

vThe common agent made another attempt to register with the incorrect registration password.

System action: The common agent will continue to run with its existing credentials. Depending on whether or not the operating system GUID was successfully set, those credentials might be not valid because the identification information stored in the certificate might not match the information of the common agent and its underlying system. Credentials that are not valid will not block components from successfully contacting the common agent. However, the common agent will be unable to invoke operations on the agent manager that require client authentication For example, renewing certificates and sending status updates will not be allowed.

Administrator Response: Examine the traceAgent.log trace output file and attempt to determine which one of the conditions mentioned in the explanation invoked the message.

If the log indicates that the common agent was not able to contact the registration port of the agent manager, do the following:

vMake sure the agent manager is up and running.

vMake sure the location information stored in the common agent properties file is correct.

vMake sure the agent manager can be reached from the common agent using the host name specified in the common agent properties file.

vMake another attempt to register the common agent.

If the log indicates that the SSL handshake between the common agent and agent manager failed because the common agent did not trusting the agent manager, attempt to resolve the problem by doing the following:

1.Shutdown the common agent.

2.Backup and delete the contents of the cert directory.

3.Place the agentTrust.jks file from the agent manager in the empty cert directory.

4.Start the common agent. Because the cert/agentKeys.jks file is missing, it will attempt to register. If the common agent has the correct registration password, the registration should be successful, and the common agent should receive a new certificate.

If the agent manager rejected the password supplied by the common agent, update the Registration.Server.PW property in the common agent properties file, and attempt to register again.