KB Article #176528

Unable to start Sentinel in service mode when SSL/TLS is activated

Problem

-- SSL/TLS is activated in Sentinel configuration
-- Default Sentinel certificate are used (delivered by Axway)
-- When trying to start Sentinel in service mode, it doesn't start because of a timeout and the following error appears:

Error 1053: The service did not respond to the start or control request in a timely fashion and Axway Sentinel will not start.


Resolution

* This happen because of a problem with certificate (it works without SSL/TLS mode activated). Here is the procedure to generate new certificate (recommended):

1. Follow the "Sentinel help > Configuring Sentinel > Set-up Sentinel > Configure the server environment > Configure Sentinel with SSL" by thinking to set the hostname of my machine when keytool ask for first and last name (this way, your hostname will be in the CN part of the certificate. The part where trkserver is update can be skip for now (it will be override after)

2. Update Synchrony installation with the Administration tool to use the newly generated certificate:

    C:\Axway\sent36\Administration\bin>Administration update-store --type ssl_keystore --storepath C:\Axway\sent36\Common\config\certs\sentinel.keystore --storepass axway*

    C:\Axway\sent36\Administration\bin>Administration update-store --type sso_trustore --storepath C:\Axway\sent36\Common\config\certs\sentinel.truststore --storepass axway*

    (to adapt with your value).

3. Update the trkserver.xml as told in the Sentinel help (it will show cert password in clear, you can use configure tool of Administration to have encrypted value).

4. Restart Apace-Tomcat and Sentinel (as a service)

Still need help?

If this information wasn't helpful to you, just drop us a line. We'll get back to you as soon as possible.