Enterprise Manager Generic (MOSC)

MOSC Banner

SSL Agent Communication Failure

Comments

  • nahed - oracle
    nahed - oracle Posts: 1,689 Bronze Trophy

     Hello
    The main problem you are seeing :

    "Communication from the Oracle Management Service host to the Agent host failed. Refer to help for details. javax.net.ssl.SSLException: SSL handshake failed: X509CertChainIncompleteErr    "

    Usually comes from the inability of the agent to establish a secure connection with the OMS on the specific port it was told to. This can be due to:

    - Invalid registration password that the agent is using
    - Invalid port / OMS is using a different port that the agent thinks it is
    - Invalid/ expired certificate
    ....

    To know for sure, please answer the following
    - IS this Oms behind an SLB? if so see note 353074.1
    - Are other agents able to communicate to the same OMS ? If so, browse the emd.properties for those agents in their O_H\sysman\config and compare those to your faulty agents
    - If you unlock the oms, can the agent connect if unsecured?
    - Can the Agent ping the oms node and the oms ping the agent node freely using tcpip ping? in this test use the same hostnames seen in the repository_url and agent_url as configured in the emd.properties for the faulty agent

    best regards
    Nahed - moderator

  • nahed - oracle
    nahed - oracle Posts: 1,689 Bronze Trophy
    edited Jan 21, 2010 7:35AM
     Hello
    The main problem you are seeing :

    "Communication from the Oracle Management Service host to the Agent host failed. Refer to help for details. javax.net.ssl.SSLException: SSL handshake failed: X509CertChainIncompleteErr    "

    Usually comes from the inability of the agent to establish a secure connection with the OMS on the specific port it was told to. This can be due to:

    - Invalid registration password that the agent is using
    - Invalid port / OMS is using a different port that the agent thinks it is
    - Invalid/ expired certificate
    ....

    To know for sure, please answer the following
    - IS this Oms behind an SLB? if so see note 353074.1
    - Are other agents able to communicate to the same OMS ? If so, browse the emd.properties for those agents in their O_H\sysman\config and compare those to your faulty agents
    - If you unlock the oms, can the agent connect if unsecured?
    - Can the Agent ping the oms node and the oms ping the agent node freely using tcpip ping? in this test use the same hostnames seen in the repository_url and agent_url as configured in the emd.properties for the faulty agent

    best regards
    Nahed - moderator
     Hello again
    Also as a side note please be aware that you posted your thread as a document which is intended for knowledge transfer and not to troubleshoot issues. Please repost as a question/discussion and I will post the same reply I just did here.

    I also left you a private message with some information request. Please respond so we can help you further

    Best regards
    Nahed - Moderator

Category Leaderboard

Top contributors this month

Instructions for posting

×

1. Select a discussion category from the picklist.


2. Enter a title that clearly identifies the subject of your question.


3. In the body, insert detailed information, including Oracle product and version.


Please abide by the Oracle Community guidelines and refrain from posting any customer or personally identifiable information (PI/CI).


Cloud / Fusion customers - Our Cloud community has moved! Please go to Cloud Customer Connect .


New to My Oracle Support Community? Visit our Welcome Center

MOSC Help Center