Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
488
Views
0
Helpful
3
Replies

CSS11503 - SSL Module Issue

Brendan O'Flynn
Level 1
Level 1

‎02-19-2009 02:34 AM

Has anyone come across situations where an SSL module (CSS5-SSL-C-K9) stops responding and users get "Page connot be displayed".

When you try and look at the SSL statistics (sh ssl statistics ssl) you get the following error message:

Timeout waiting for SSL_SHOW_MSG response

Accessing and interrogating the redundant CSS, with the same command, was not a problem. There was no failover as, I suppose, this would be regarded as a "soft" failure (i.e. all critical services and the SSl service itself were OK).

The was no indication of any issues being reported in the traplog or sys.log. A few days previous to this event occurring I had amended the set-up which necessitated doing extensive re-configuring, suspending and re-activating the SSL proxy-list.

We have dual CSS11503, running 08.20.2.01, in a Master/Slave redundant set-up.

Thanks,

Brendan

Labels:
0 Helpful
3 Replies 3

lalvenka
Level 1
Level 1

‎02-20-2009 01:38 PM

Hi Brendan,

Given this error message and your CSS version information, you might be hitting a bug. There is a bug that you can look online using the Cisco bug tool kit for this bug "CSCsm50650 - Header insert can cause the SSL module to become unresponsive". If you have configured http-header insert under the SSL proxy list, then this bug is applicable in your scenario.

Mostly rebooting the CSS should resolve the issue. I would recommend you to open a TAC case if this issue exist after the reboot also.

Thanks,

Lalitha

0 Helpful

Brendan O'Flynn
Level 1
Level 1
In response to lalvenka

‎02-23-2009 05:02 AM

Hi Lalitha,

Yes, we do have http-header insert configured. I can also confirm that a reboot fixed the issue (forgot to mention this in my original mail).

Have you noticed this issue occurring regularly for this code version? I will review the release notes for latest code release and upgrade if possible.

Thanks for your help and prompt response on this.

Brendan

0 Helpful

lalvenka
Level 1
Level 1
In response to Brendan O'Flynn

‎02-24-2009 07:20 AM

Hi Brendan,

I was just looking for the bug information based on your email. I have not seen much issues regarding to the error message that you received. It is always better to be on the latest version on code as far as possible.

Thanks,

Lalitha

0 Helpful
Customers Also Viewed These Support Documents