Self-Managed Flex Gateway Fails to Start Due to Expired TLS Certificate

Julkaisupäivä: Apr 30, 2026

Kuvaus

In a self-managed Flex Gateway environment, the gateway fails to start successfully. The pod remains in a Running state but does not become ready (0/1 Ready). Logs indicate a TLS failure during runtime initialization due to an expired certificate, preventing the agent from establishing a connection to the Anypoint control plane.

Error:

[flex-gateway-agent][error] Anypoint websocket: error connecting to server: remote error: tls: expired certificate

Ratkaisu

1. Enable DEBUG logging to identify the source of the TLS error. Check logs for specific endpoints causing the failure.

2. Test connectivity from the Flex Gateway pod to the control-plan to confirm the issue.

$ flexctl check connections
Error: failed connecting to https://arm-mcm2-service.kprod-eu.msap.io: remote error: tls: expired certificate
$ flexctl registration inspect
{“expiration_date”: “2025-09-25 19:27:32 +0000 UTC”}

3. Renew the registartion file by following the official documentation.

Knowledge-artikkelin numero

005321521

Ratkaisiko tämä artikkeli ongelmasi?

Anna palautetta, jotta voimme kehittyä!

Self-Managed Flex Gateway Fails to Start Due to Expired TLS Certificate

General Information

Required Cookies

Functional Cookies

Advertising Cookies

General Information

Required Cookies

Functional Cookies

Advertising Cookies

Cookie List