Error releasing messages from Messaging Gateway quarantine from the DLP Enforce console after upgrade to 10.6.3

Article ID: 169867

Products

Messaging Gateway

Issue/Introduction

After upgrading Messaging Gateway (SMG) to version 10.6.3, you get an SSL error when trying to release messages from the SMG quarantine from the DLP Enforce console.

The Tomcat log shows:

20 Jul 2017 09:15:01,401- Thread: 161 SEVERE [com.symantec.dlpx.flexresponse.emailquarantineconnect.EmailQuarantineConnectPlugin] javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

Cause

This is due to a change in the ciphers accepted by SMG 10.6.3. SMG 10.6.3 requires TLS 1.2 ciphers and does not allow fallback to TLS 1.0.

Environment

SMG 10.6.3 and some version of Symantec DLP.

Resolution

Change the FlexResponse configuration to use TLS version 1.2 in the following three files:

  • EmailQuarantineConnectApproved.properties
  • EmailQuarantineConnectCustom.properties
  • EmailQuarantineConnectRejected.properties

(NOTE: These files are located in <drive>:\SymantecDLP\Protect\plugins)

In each file, change the setting "ssl-protocol-version = TLSv1" to "ssl-protocol-version = TLSv1.2".

Save the files and restart the Vontu Manager service.
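
The steps above can be checked and applied with a short script. This is an added example, not code from the original article or from the vendor; the -PluginsDir and -Apply parameters and the .bak backup copy are assumptions of the example. Without -Apply it only reports the current value in each of the three files.

```powershell
# Added example: report and, with -Apply, correct ssl-protocol-version
# in the three FlexResponse property files named in this article.
param(
    # Assumption: the plugins directory, given in the article as <drive>:\SymantecDLP\Protect\plugins
    [Parameter(Mandatory = $true)][string]$PluginsDir,
    # Assumption: without -Apply nothing is written
    [switch]$Apply
)

$files = 'EmailQuarantineConnectApproved.properties',
         'EmailQuarantineConnectCustom.properties',
         'EmailQuarantineConnectRejected.properties'

# Key, optional whitespace around '=', then the value. Commented lines do not match.
$pattern = '^(\s*ssl-protocol-version\s*=\s*)(\S+)\s*$'

foreach ($name in $files) {
    $path = Join-Path $PluginsDir $name
    if (-not (Test-Path -LiteralPath $path)) {
        Write-Warning "${name}: not found in $PluginsDir"
        continue
    }

    $found = $false
    $changed = $false
    $updated = foreach ($line in @(Get-Content -LiteralPath $path)) {
        if ($line -match $pattern) {
            $found = $true
            Write-Host "${name}: ssl-protocol-version = $($Matches[2])"
            if ($Matches[2] -eq 'TLSv1') {
                $changed = $true
                $line = $Matches[1] + 'TLSv1.2'
            }
        }
        $line   # every line, changed or not, is emitted into $updated
    }

    if (-not $found) {
        Write-Warning "${name}: no ssl-protocol-version setting found"
    } elseif ($changed -and $Apply) {
        Copy-Item -LiteralPath $path -Destination "$path.bak"   # original kept for rollback
        Set-Content -LiteralPath $path -Value $updated
        Write-Host "${name}: changed to TLSv1.2 (backup: $name.bak)"
    } elseif ($changed) {
        Write-Host "${name}: still TLSv1; re-run with -Apply to change it"
    }
}
Write-Host 'Restart the Vontu Manager service for any change to take effect.'
```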