Secure Gateway upgrade to 3.3.4 fails with SSL library error 57

Secure Gateway upgrade to 3.3.4 fails with SSL library error 57

book

Article ID: CTX220687

calendar_today

Updated On:

Description

After Secure Gateway upgrade to 3.3.4 depending on the deployment method, :
>We either see a blank page and an SSL handshake failure (If going to the SG first during enumeration), otherwise
>Or you will see an app launch failure (if enumeration is done to the Web Interface)

In both scenarios we see SSL handshake failure.

Error log:
[Thu Aug 03 00:44:31 2017] [error] SSL Library Error 57 on <domain name>:443 with peer <ip address>: The operation completed successfully.
[Thu Aug 03 00:44:31 2017] [warn] SSL handshake from client failed
 

Resolution

-Secure Gateway 3.3.4 does not appear to check the "Personal" store for root and intermediate certificates.
-This worked on 3.3.2 but on 3.3.4 the client encounters an SSL handshake failure.
-Move the root and intermediate certificates into the correct "Trusted Root" store 

Problem Cause

Upgrade from Secure Gateway 3.3.2 to version 3.3.4