The way the initial handshake works is:
- Agent detects it doesn't have any certificates (first line in the log) and needs to get itself signed by a manager appliance.
- Agent connects to the given manager appliance IP on port 37890 (outgoing port 37893, there's basically a pool and that's the first one it chooses)
- Manager signs agent's certificate and the agent creates the keystores to store that info
- Agent connects to actually transfer data on 37892 (outgoing port from the pool, 37893-6)
It looks like the manager thinks it's signing the agent's cert, but the agent isn't storing that for some reason, so it keeps sending a new request to get its certificate signed, repeat, repeat repeat.
Is it failing with the "Connection Reset" exception every time? Do they all fail the same way?
Do you see any events related to those agents in the SolarWinds Events filter (under "Default Filters" in Monitor)? Looking for possible "InternalUnknownAgent" or "InternalDuplicateAgent" or error/warning alerts that might give us some insight to what's happening on the appliance side.
Lastly, do you have a support case # on this one, maybe I can push from that end, too?