Connection issues
This topic describes how to recover your environment if a connection issue occurs.
You may encounter connection issues while using HCL Universal Orchestrator. In this topic you can find the main problems and the related solutions.
Certificate validity issues
This section lists the possible issues that you may encounter while using HCL Universal Orchestrator that are
related to the validity of certificates.
- Failed connection during calls between microservices in HTTPS
- During a microservices call in HTTPS, the connection fails. In this
case, check the message logs of the
gateway
microcroservice. - Failed connection using MongoDB
- While connecting to MongoDB, the connection fails. In this case, check for the validity of your certificate.
- Failed connection using Apache Kafka
- While connecting to Apache Kafka, the connection fails. In this case, open message logs and check the
error. There are two possible errors:
- The certificate that you are using is not valid.
- Your environment is configured to connect using a user name and a password, and the credentials that you are entering may be either wrong or expired.
Note: By default, HCL Universal Orchestrator accepts self-signed TLS/SSL certificates on Apache Kafka. To secure your connection and accept only trusted certificates, you can set the following parameter:IDENTIFICATION_ALGO=https
- Failed connection using Orchestration CLI
- While connecting to Orchestration CLI,
the connection fails. There are two possible errors:
- The following message
appears:
x509: cannot validate certificate
In this case, check if you are using a self-signed TLS/SSL certificate. If so, you must set theconnection.insecure
parameter totrue
as follows:connection.insecure=true
- A generic error appears. In this case, check if the address is
correct and then check if connection parameters as
context root
andprotocol
match server configuration.
- The following message
appears:
Agent communication issues
The main connection issue that you may encounter while registering the agent, is the
case in which the communication between the agent and
agent manager
fails and the agent
registration cannot complete. In this case, you must check the log messages on the
agent
and on the agent manager, and check if the connection parameters are correctly set. If parameters are
correct, the issue may be related to JWT token validity or security settings. Below
you can find possible reasons and solutions:
- The JWT token is not valid
- If the JWT token that you are using is not valid, it may be incorrect or expired. If your JWT token is expired, you can generate a new token following the procedure described in Authenticating the Orchestration CLI using API Keys topic.
- The user is not authorized to register the agent
- If the JWT token is correct, but the connection between the agent manager
and the agent keeps failing, the reason may be that the
REGISTER_AGENT
administrative security role is not set for the user who is performing the agent registration. For more information, see Managing Workload Security.