Self-Managed Flex Gateway Fails to Start Due to Expired TLS Certificate

Veröffentlichungsdatum: Apr 30, 2026

Beschreibung

In a self-managed Flex Gateway environment, the gateway fails to start successfully. The pod remains in a Running state but does not become ready (0/1 Ready). Logs indicate a TLS failure during runtime initialization due to an expired certificate, preventing the agent from establishing a connection to the Anypoint control plane.

Error:

[flex-gateway-agent][error] Anypoint websocket: error connecting to server: remote error: tls: expired certificate

Lösung

1. Enable DEBUG logging to identify the source of the TLS error. Check logs for specific endpoints causing the failure.

2. Test connectivity from the Flex Gateway pod to the control-plan to confirm the issue.

$ flexctl check connections
Error: failed connecting to https://arm-mcm2-service.kprod-eu.msap.io: remote error: tls: expired certificate
$ flexctl registration inspect
{“expiration_date”: “2025-09-25 19:27:32 +0000 UTC”}

3. Renew the registartion file by following the official documentation.

Nummer des Knowledge-Artikels

005321521

Konnten Sie Ihr Problem mithilfe dieses Artikels lösen?

Geben Sie uns Feedback, damit wir uns verbessern können.

Self-Managed Flex Gateway Fails to Start Due to Expired TLS Certificate

General Information

Required Cookies

Functional Cookies

Advertising Cookies

General Information

Required Cookies

Functional Cookies

Advertising Cookies

Cookie List