Troubleshooting
Problem
When trying to synchronize a node, the following errors are seen in the syncNode.log:
Symptom
FileTransferC 1 Unable to
acquire SSO tokens com.ibm.websphere.management.exception.AdminException: No JMX
connection properties!
at
com.ibm.ws.management.filetransfer.client.FileTransferClientImpl.getAdmin
Client(FileTransferClientImpl.java:2702)
at
com.ibm.ws.management.filetransfer.client.FileTransferClientImpl.getSingleSignonTokens(FileTransferClientImpl.java:3705)
....
.......
FileTransferC A ADFS0125E: An
exception occurred downloading a file
download/cells/test8Cell/nodes/test8ProfileNodeweb390gwhgn01l/serverindex.xml8431091433764010699.tmp. Exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection
during handshake
at com.ibm.jsse2.tc.a(tc.java:592)
at com.ibm.jsse2.tc.g(tc.java:25)
at com.ibm.jsse2.tc.a(tc.java:582)
at com.ibm.jsse2.tc.startHandshake(tc.java:652)
at com.ibm.net.ssl.www2.protocol.https.c.afterConnect(c.java:29)
at com.ibm.net.ssl.www2.protocol.https.d.connect(d.java:53)
at com.ibm.net.ssl.www2.protocol.https.b.connect(b.java:29)
....
.....
com.ibm.ws.management.sync.NodeSyncTask.processFolderSyncUpdate(NodeSyncTask.java:460)
at
com.ibm.ws.management.sync.NodeSyncTask.doSync(NodeSyncTask.java:283)
at com.ibm.ws.management.sync.NodeSyncTask.run(NodeSyncTask.java:157)
at java.lang.Thread.run(Thread.java:737)
Caused by: java.io.EOFException: SSL peer shut down incorrectly at com.ibm.jsse2.a.a(a.java:248)
at com.ibm.jsse2.tc.a(tc.java:549)
... 26 more
Cause
There are a few potential causes.
- Firewall or timing issue in the network
- Networking issue
- Dmgr server.xml file shows multiple or generic 'addressIncludeList' entries
Resolving The Problem
- Verify that the connections are good from the dmgr to the nodeagent, and vice versa. These include performing telnet test of the soap port, and WC_adminhost port.
- Check the dmgr server.xml to see if it has multiple 'addressIncludeList' entries or if it has generic IP address in the entry.
For example,
Scenario 1:
- Issue: addressIncludeList for WC_adminhost_secure is not valid
<transportChannels xmi:type="channelservice.channels:TCPInboundChannel"
xmi:id="TCPInboundChannel_2" name="TCP_3" endPointName="WC_adminhost_secure" maxOpenConnections="20000" inactivityTimeout="60" threadPool="ThreadPool_WC">
<addressIncludeList>10.*.*.*</addressIncludeList>
- Solution: Remove the above entry
Scenario 2:
- Issue: Incorrect IP addresses are shown in the dmgr and JVM server.xml for different ports
<transportChannels xmi:type="channelservice.channels:TCPInboundChannel"
xmi:id="TCPInboundChannel_1" name="TCP_1" endPointName="WC_adminhost"maxOpenConnections="20000" inactivityTimeout="60"threadPool="ThreadPool_WC">
<addressIncludeList>111.222.333.4</addressIncludeList>
</transportChannels>
<transportChannels xmi:type="channelservice.channels:TCPInboundChannel"
xmi:id="TCPInboundChannel_2" name="TCP_3"
endPointName="WC_adminhost_secure" maxOpenConnections="20000"
inactivityTimeout="60" threadPool="ThreadPool_WC">
<addressIncludeList>111.222.333.4</addressIncludeList>
- Solution:
- Confirm the correct IP address/hostname for the WC_adminhost, and WC_adminhost_secure port in the dmgr serverindex.xml
- Remove the above entries from the server.xml file
OR
- From the admin console > system administration > deployment manager > under additional properties click on webcontainer transport chains > WCInboundAdminSecure > TCP inbound channel (TCP_3) > in the column "Address include list" , remove the entries.
- Similarly from JVM application servers > servers > server name > expand webcontainter settings > webcontainer transport chains > HttpQueueInboundDefault > TCP inbound channel (TCP_2), remove the IP address under addressIncludeList for each entry such as adminhost, adminhost secure, defaulthost, and default host secure,
Was this topic helpful?
Document Information
Modified date:
15 June 2018
UID
swg21632277