Loading

Self-Managed Flex Gateway Fails to Start Due to Expired TLS Certificate

게시 일자: Apr 30, 2026
상세 설명

In a self-managed Flex Gateway environment, the gateway fails to start successfully. The pod remains in a Running state but does not become ready (0/1 Ready). Logs indicate a TLS failure during runtime initialization due to an expired certificate, preventing the agent from establishing a connection to the Anypoint control plane.

Error:

[flex-gateway-agent][error] Anypoint websocket: error connecting to server: remote error: tls: expired certificate
솔루션

1. Enable DEBUG logging to identify the source of the TLS error. Check logs for specific endpoints causing the failure.

2. Test connectivity from the Flex Gateway pod to the control-plan to confirm the issue.

$ flexctl check connections
Error: failed connecting to https://arm-mcm2-service.kprod-eu.msap.io: remote error: tls: expired certificate
$ flexctl registration inspect
{“expiration_date”: “2025-09-25 19:27:32 +0000 UTC”}

3. Renew the registartion file by following the official documentation.

Knowledge 기사 번호

005321521

 
로드 중
Salesforce Help | Article