If you have installed a Windows Slave and it fails to connect, there are a number of checks that you should make before contacting Customer Support.
Check the SSL Keys
The appliance and slave communicate through an encrypted channel. In order for the slave to communicate with the appliance, both ends require the presence of a certificate authority file and an SSL (Secure Sockets Layer) key file.
The appliance needs the following:
- ca_01.pem – The certificate authority.
- appliance_key_01.pem – The key for the appliance.
The Slave needs the following:
- ca_01.pem – The same certificate authority file as the appliance, copied to the slave.
- slave_key_01.pem – The same key file as the appliance, renamed and copied to the slave.
Check the following:
- The files exist at both ends in the corresponding ~/etc directories.
- The files were present at the time that the process started.
- The certificate authority on both the appliance and the slave are the same.
Check for an omniORB.cfg file
The communication between appliance and slave uses the omniORB CORBA implementation. Configuration of omniORB can affect communication. omniORB's configuration is stored in C:\omniORB.cfg. In a normal slave install, that file is not present. If it is present, its contents may prevent communication with the slave, or may cause other problems.
Restricting appliances that can connect
omniORB can be configured to only permit connections from particular IP addresses. This is achieved by adding a line of this form in C:\omniORB.cfg:
That tells omniORB that only the specified IP address can connect with SSL. The IP address should be the IP address of the appliance. If multiple appliances are to use the same slave, one serverTransportRule line for each should be added.
Tideway Blog