AnsweredAssumed Answered

Causes for outage due to trusted host issue

Question asked by Jim-Lundell-3M on Aug 17, 2016
Latest reply on Aug 17, 2016 by Jim-Lundell-3M

Hi,

 

We had a recent outage that impacted all 'related' web server running on two RHEL6 hosts.  The web servers were Apache on two separate hosts. (We are running R12.52 SP on 2012R2.)

 

The purpose of my post is not to 'solve' the problem but rather ensure I understand all possible causes for this issue.  The web agents simply stated they were unable to contact policy server and/or find the HCO object. We resolved this issue by running smreghost on each host using the new smhost.conf file generated.  T

 

Below is a partial list I have so far...

 

1) Connection/firewall rules

        ==>Does not seem likely as running smreghost again solved the problem.

 

2) Trusted Host object modified in policy store.  

          ==>I've confirmed via the audit log that no changes were made; my assumption is these keys were not corrupted.

 

3) Corruption to the two smhost.conf files on the two hosts.  Numerous web servers share the same host file; but each host used smreghost independently for each of their own smhost files. 

     ==>Given that two both hosts had the same issue around the same time, this does not seem likely

 

4) A system change that impacted the agents algorithm to decrypt the session key in the smhost.conf file

     ==>My current theory

 

Question: Is it true the web agent on RHEL6 will encrypt using system-specific info. for the trusted host key in the smhost.conf file?   If so, what properties are used?

 

5) Others?

 

 

Thanks in advance! 

 

Cheers, Jim

Outcomes