My Oracle Support Banner

EM 12c, EM 13c: Securing OMS fails with "Some Agents are not yet re-secured to get certificate issued by new CA" (Doc ID 2140582.1)

Last updated on JULY 27, 2022

Applies to:

Enterprise Manager Base Platform - Version 12.1.0.1.0 to 13.2.0.0.0 [Release 12.1 to 13c]
Information in this document applies to any platform.

Symptoms

 Securing OMS fails with the error below:

<OMS HOME>/bin>./emctl secure oms
Oracle Enterprise Manager Cloud Control 12c Release 4
Copyright (c) 1996, 2014 Oracle Corporation. All rights reserved.
Securing OMS... Started.
Enter Enterprise Manager Root (SYSMAN) Password :
Enter Agent Registration Password :
Some Agents are not yet re-secured to get certificate issued by new CA.
Use -force_newca option if you want to ignore and continue.
If -force_newca option is used, the communication between OMS & Agents that are not re-secured with the new CA will fail.
The agents to be resecured can be found using "emcli get_ca_info -details".
These Agents have to be re-secured manually using emctl to restore the communication.
Securing OMS... Failed. Check the log <PATH>/gc_inst/em/EMGC_OMS1/sysman/log/secure.log

 Verify the Certificate Authority details using the command below:

<OMS HOME>/bin>./emcli get_ca_info -details

Info about CA with ID: 1
CA is not configured
Signature algorithm : sha512
Key strength : 1024
DN: CN=<OMS Hostname>, C=US, ST=CA, L=EnterpriseManager on <OMS Hostname>, OU=EnterpriseManager on <OMS Hostname>, O=Enterprise Manager on <OMS Hostname>
Serial# : 18032245032164600800
Valid From: Tue Oct 14 01:34:50 BST 2014
Valid Till: Sat Oct 12 01:34:50 BST 2024
Number of Agents registered with CA ID 1 is 1
<OMS Hostname>:3872

Info about CA with ID: 2
CA is configured
Signature algorithm : sha512
Key strength : 1024
DN: CN=suppcloudem.vm.oracle.com, C=US, ST=CA, L=CA2, OU=EnterpriseManager on <OMS Hostname>, O=EnterpriseManager on <OMS Hostname>
Serial# : 87331387064661225160
Valid From: Thu May 19 19:22:43 BST 2016
Valid Till: Mon May 18 19:22:43 BST 2026
There are no Agents registered with CA ID 2

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Symptoms
Cause
Solution
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.