SSLV interface went down after a ruleset was imported from another box
Article ID: 168889
Products
SSL Visibility Appliance Software
Issue/Introduction
The SSLV interface went down after a ruleset was imported from another box. /var/log/messages showed the following:
Dec 1 06:34:20 abc123 sslmanage[3853]: ? Activation request sent to data-plane
Dec 1 06:34:20 abc123 ssldata[3860]: # Failed to activate default RSA internal CA in ruleset 'ruleset1': 0x3b00c82c
Dec 1 06:34:20 abc123 ssldata[3860]: # Failed to parse ruleset associated with segment 'zone1': 0x3b00c82c
Dec 1 06:34:20 abc123 ssldata[3860]: # Rule parser: failure:SSLe:Modification [0x3b00c82c;code:44;sub:200] Invalid PKI object
Dec 1 06:34:20 abc123 ssldata[3860]: ! Deactivate (Activation failure):SSLe:Modification [0x3b00c82c;code:44;sub:200] Invalid PKI object
Resolution
One of the rules pointed to an unknown CA under "Default RSA and EC Internal Certificate Authority". There was also a Decrypt (Resign Certificate) rule in which the "RSA Resigning CA" had an empty value.
The interface came back up once the ruleset and the decrypt rule were pointed to the correct CA.
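To confirm this failure after a ruleset import, the added example below (not vendor code) scans syslog text for the ssldata errors shown above and reports which ruleset and segment each status code refers to. The log lines are copied from the excerpt in this article; the one-entry-per-line layout, the reading of the bracketed fields as status, code and sub, and all function names are assumptions.

```python
import re

# Log lines copied from the excerpt in this article, one syslog entry per line.
SAMPLE_LOG = """\
Dec 1 06:34:20 abc123 sslmanage[3853]: ? Activation request sent to data-plane
Dec 1 06:34:20 abc123 ssldata[3860]: # Failed to activate default RSA internal CA in ruleset 'ruleset1': 0x3b00c82c
Dec 1 06:34:20 abc123 ssldata[3860]: # Failed to parse ruleset associated with segment 'zone1': 0x3b00c82c
Dec 1 06:34:20 abc123 ssldata[3860]: # Rule parser: failure:SSLe:Modification [0x3b00c82c;code:44;sub:200] Invalid PKI object
Dec 1 06:34:20 abc123 ssldata[3860]: ! Deactivate (Activation failure):SSLe:Modification [0x3b00c82c;code:44;sub:200] Invalid PKI object
"""

# Syslog prefix "Mon D HH:MM:SS host proc[pid]: message" (layout assumed from the excerpt).
ENTRY = re.compile(r"^\w{3}\s+\d+\s[\d:]{8}\s(?P<host>\S+)\s(?P<proc>\w+)\[\d+\]:\s(?P<msg>.*)$")
RULESET = re.compile(r"in ruleset '([^']+)': (0x[0-9a-fA-F]+)")
SEGMENT = re.compile(r"with segment '([^']+)': (0x[0-9a-fA-F]+)")
DETAIL = re.compile(r"\[(0x[0-9a-fA-F]+);code:(\d+);sub:(\d+)\]\s*(.*)$")


def _new_record(host):
    return {"host": host, "rulesets": set(), "segments": set(),
            "code": None, "sub": None, "reason": None, "deactivated": False}


def find_activation_failures(log_text):
    """Group ssldata activation errors by status value; name the ruleset and segment hit."""
    failures = {}
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m or m["proc"] != "ssldata":
            continue  # only data-plane messages carry the activation errors
        msg = m["msg"]
        for pattern, key in ((RULESET, "rulesets"), (SEGMENT, "segments")):
            hit = pattern.search(msg)
            if hit:
                failures.setdefault(hit[2], _new_record(m["host"]))[key].add(hit[1])
        detail = DETAIL.search(msg)
        if detail:
            rec = failures.setdefault(detail[1], _new_record(m["host"]))
            rec.update(code=int(detail[2]), sub=int(detail[3]), reason=detail[4])
            # A "Deactivate (Activation failure)" message is recorded as a deactivation.
            rec["deactivated"] = rec["deactivated"] or "Deactivate" in msg
    return failures


if __name__ == "__main__":
    for status, rec in find_activation_failures(SAMPLE_LOG).items():
        print(status, rec)
```

A record with reason "Invalid PKI object" names the ruleset whose CA references (default internal CA, resigning CA) need checking on the importing box.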