SSLV interface goes down after a ruleset is imported from another box


Article ID: 168889


Products

SSL Visibility Appliance Software

Issue/Introduction

The SSLV interface went down after a ruleset was imported from another box. /var/log/messages showed the following:

Dec 1 06:34:20 abc123 sslmanage[3853]: ? Activation request sent to data-plane
Dec 1 06:34:20 abc123 ssldata[3860]: # Failed to activate default RSA internal CA in ruleset 'ruleset1': 0x3b00c82c
Dec 1 06:34:20 abc123 ssldata[3860]: # Failed to parse ruleset associated with segment 'zone1': 0x3b00c82c
Dec 1 06:34:20 abc123 ssldata[3860]: # Rule parser: failure:SSLe:Modification [0x3b00c82c;code:44;sub:200] Invalid PKI object
Dec 1 06:34:20 abc123 ssldata[3860]: ! Deactivate (Activation failure):SSLe:Modification [0x3b00c82c;code:44;sub:200] Invalid PKI object

 

Resolution

On inspection, one of the rules pointed to an unknown CA under "Default RSA and EC Internal Certificate Authority". There was also a Decrypt (Resign Certificate) rule in which the "RSA Resigning CA" had an empty value.

The interface came back up once the ruleset and the decrypt rule were pointed to the correct CA.
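
To spot this failure quickly after a ruleset import, the log lines above can be grouped into one finding per failed activation. This is an added example, not Broadcom code; the regular expressions are inferred only from the five lines quoted in this article, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# The five log lines quoted in this article, embedded so the example runs offline.
SAMPLE_LOG = """\
Dec 1 06:34:20 abc123 sslmanage[3853]: ? Activation request sent to data-plane
Dec 1 06:34:20 abc123 ssldata[3860]: # Failed to activate default RSA internal CA in ruleset 'ruleset1': 0x3b00c82c
Dec 1 06:34:20 abc123 ssldata[3860]: # Failed to parse ruleset associated with segment 'zone1': 0x3b00c82c
Dec 1 06:34:20 abc123 ssldata[3860]: # Rule parser: failure:SSLe:Modification [0x3b00c82c;code:44;sub:200] Invalid PKI object
Dec 1 06:34:20 abc123 ssldata[3860]: ! Deactivate (Activation failure):SSLe:Modification [0x3b00c82c;code:44;sub:200] Invalid PKI object
"""

# Assumption: patterns are inferred from those five lines only, not from a documented format.
LINE = re.compile(r"^(\w{3}\s+\d+\s+[\d:]{8})\s+(\S+)\s+ssldata\[\d+\]:\s+([#!])\s+(.*)$")
RULESET = re.compile(r"in ruleset '([^']+)'")
SEGMENT = re.compile(r"with segment '([^']+)'")
DETAIL = re.compile(r"\[(0x[0-9a-fA-F]+);code:(\d+);sub:(\d+)\]\s*(.+)$")

def triage(log_text):
    """Group ssldata activation failures by (timestamp, host)."""
    events = defaultdict(lambda: {"rulesets": set(), "segments": set(),
                                  "reasons": set(), "deactivated": False})
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # other processes (e.g. sslmanage) and unrelated lines
        ts, host, _sev, msg = m.groups()
        ev = events[(ts, host)]
        ev["rulesets"].update(RULESET.findall(msg))
        ev["segments"].update(SEGMENT.findall(msg))
        d = DETAIL.search(msg)
        if d:  # bracketed detail: error word, code, sub-code, text
            ev["reasons"].add((d[1], int(d[2]), int(d[3]), d[4].strip()))
        if msg.startswith("Deactivate (Activation failure)"):
            ev["deactivated"] = True
    return dict(events)

def report(events):
    """Render one summary line per failed activation."""
    out = []
    for (ts, host), ev in sorted(events.items()):
        why = "; ".join(f"{t} ({e}, code {c}, sub {s})" for e, c, s, t in sorted(ev["reasons"]))
        line = (f"{ts} {host}: rulesets={sorted(ev['rulesets'])} segments={sorted(ev['segments'])} "
                f"deactivated={ev['deactivated']} reason={why or 'unknown'}")
        if any(t == "Invalid PKI object" for *_, t in ev["reasons"]):
            line += " -> check the CA references in the ruleset and its decrypt rules"
        out.append(line)
    return out
```

Calling `report(triage(text))` on the contents of /var/log/messages yields one line per failed activation, naming the ruleset and segment to inspect.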