Loading

Self-Managed Flex Gateway Fails to Start Due to Expired TLS Certificate

公開日: Apr 30, 2026
説明

In a self-managed Flex Gateway environment, the gateway fails to start successfully. The pod remains in a Running state but does not become ready (0/1 Ready). Logs indicate a TLS failure during runtime initialization due to an expired certificate, preventing the agent from establishing a connection to the Anypoint control plane.

Error:

[flex-gateway-agent][error] Anypoint websocket: error connecting to server: remote error: tls: expired certificate
解決策

1. Enable DEBUG logging to identify the source of the TLS error. Check logs for specific endpoints causing the failure.

2. Test connectivity from the Flex Gateway pod to the control-plan to confirm the issue.

$ flexctl check connections
Error: failed connecting to https://arm-mcm2-service.kprod-eu.msap.io: remote error: tls: expired certificate
$ flexctl registration inspect
{“expiration_date”: “2025-09-25 19:27:32 +0000 UTC”}

3. Renew the registartion file by following the official documentation.

ナレッジ記事番号

005321521

 
読み込み中
Salesforce Help | Article