Environment
Identity Manager Engine Functionality
Identity Manager Engine Credential Provisioning
Identity Manager - Remote Loader
Situation
Starting remote loader with SSL enabled (and sometimes without SSL) results in an EOF error and the driver and remote loader stop.
Error on remote loader trace is this:
DirXML: [02/17/20 08:23:39.24]: Loader: Waiting for DirXML to connect on 'TCP server socket, port 8097, address localhost, using TLS'...
DirXML: [02/17/20 08:23:39.25]: Loader: using TLSV1_2 ...
DirXML: [02/17/20 08:23:39.25]: Loader: SSL_CTX getoptions is :
DirXML: [02/17/20 08:24:35.38]:
DirXML Log Event -------------------
Thread = Subscriber Channel
Level = error
Message = SSL protocol-violating EOF found or I/O error:
DirXML: [02/17/20 08:23:39.25]: Loader: using TLSV1_2 ...
DirXML: [02/17/20 08:23:39.25]: Loader: SSL_CTX getoptions is :
DirXML: [02/17/20 08:24:35.38]:
DirXML Log Event -------------------
Thread = Subscriber Channel
Level = error
Message = SSL protocol-violating EOF found or I/O error:
Resolution
This is caused by a network issue where either the server or a router between the RL server and IDM engine is blocking some ports. In a lan trace you will see the remote loader and engine exchange a connection then if the problem is between the two servers, you will see a reset connection on both sides of the trace.
Looking at the time-to-live values in the lan trace will show that the reset connection has a different value than the first successful connection. Using that value difference you can determine how many hops away from the server is the problem.