Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
540
Views
0
Helpful
3
Replies

Certificates vanished - ACE Module. Strange!

Go to solution
cisco_lite
Level 1
Level 1

‎03-05-2009 08:52 AM

ACE modules are configured in Active/Standby context mode on two distinct Cat6500's. The feature license is 10,000 SSL tps, 8Gbps throughput.

We ran the application performance tests with 1000 users with https transactions and I noticed that the all the root certificates under the chaingroup disappeared. Only the website certificate remained. When I accessed the website, it gave 'error with the security certificate' i.e. the root was not identifiable due to missing certificates. Eventually, the CPU went 100% on Cat6500 and the ACE module was shutdown by the chassis. It got reenabled automatically in 5 minutes.

I re-added the root certs, removed/added the service policy and after sometime I noticed the root certs disappeared again. STRANGE !

show version output is

Cisco Application Control Software (ACSW)

TAC support: http://www.cisco.com/tac

Copyright (c) 2002-2006, Cisco Systems, Inc. All rights reserved.

The copyrights to certain works contained herein are owned by

other third parties and are used and distributed under license.

Some parts of this software are covered under the GNU Public

License. A copy of the license is available at

http://www.gnu.org/licenses/gpl.html.

Software

loader: Version 12.2[121]

system: Version 3.0(0)A1(6.3a) [build 3.0(0)A1(6.3a) adbuild_02:16:25-2008/02/02_/auto/adbu-rel3/ws/rel_3_0_0_a1_6.3-thr

ottle/REL_3_0_0_A]

system image file: [LCP] disk0:c6ace-t1k9-mz.3.0.0_A1_6_3a.bin

installed license: ACE-08G-LIC ACE-VIRT-020 ACE-SSL-10K-K9

Hardware

Cisco ACE (slot: 2)

cpu info:

number of cpu(s): 2

cpu type: SiByte

cpu: 0, model: SiByte SB1 V0.2, speed: 700 MHz

cpu: 1, model: SiByte SB1 V0.2, speed: 700 MHz

memory info:

total: 957640 kB, free: 347924 kB

shared: 0 kB, buffers: 1588 kB, cached 0 kB

cf info:

filesystem: /dev/cf

total: 1014624 kB, used: 360960 kB, available: 653664 kB

last boot reason: NP 0 Failed : NP ME Hung

configuration register: 0x1

Could you please advise whether there is any bug in the above software version i.e. it removes the root certs due to heavy transaction load.

Thanks.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Gilles Dufour
Cisco Employee
Cisco Employee

‎03-06-2009 05:39 AM

Upgrade to A2(1.3)

CSCsl96203: SSL certificate is lost from user context after reboot/crash

Gilles.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Gilles Dufour
Cisco Employee
Cisco Employee

‎03-06-2009 05:39 AM

Upgrade to A2(1.3)

CSCsl96203: SSL certificate is lost from user context after reboot/crash

Gilles.

0 Helpful

Go to solution
cisco_lite
Level 1
Level 1
In response to Gilles Dufour

‎03-06-2009 08:58 AM

I wanted to look for more details regarding this bug id. But I got the below message in Bug Toolkit. Please advise...

CSCsl96203 Bug Details

Information contained within bug ID CSCsl96203 is only available to Cisco employees. It is our policy to make all externally-facing bugs available in Bug Toolkit so the system administrators have been automatically alerted to the problem. By choosing to save this bug, you may be notified when the decision to make this bug available to you has been made. Note: Some product enhancement requests and documentation error bugs may not be available in Bug Toolkit.

0 Helpful

Go to solution
cisco_lite
Level 1
Level 1
In response to cisco_lite

‎03-06-2009 09:33 AM

Hi,

I have downloaded the A2(1.3) version but I am not able to find any release notes detailing bug resolution list etc.

Also, can I do a direct upgrade from current version to A2(1.3).

Thanks.

0 Helpful
Customers Also Viewed These Support Documents