03-05-2009 08:52 AM
ACE modules are configured in Active/Standby context mode on two distinct Cat6500's. The feature license is 10,000 SSL tps, 8Gbps throughput.
We ran the application performance tests with 1000 users with https transactions and I noticed that the all the root certificates under the chaingroup disappeared. Only the website certificate remained. When I accessed the website, it gave 'error with the security certificate' i.e. the root was not identifiable due to missing certificates. Eventually, the CPU went 100% on Cat6500 and the ACE module was shutdown by the chassis. It got reenabled automatically in 5 minutes.
I re-added the root certs, removed/added the service policy and after sometime I noticed the root certs disappeared again. STRANGE !
show version output is
Cisco Application Control Software (ACSW)
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2006, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained herein are owned by
other third parties and are used and distributed under license.
Some parts of this software are covered under the GNU Public
License. A copy of the license is available at
http://www.gnu.org/licenses/gpl.html.
Software
loader: Version 12.2[121]
system: Version 3.0(0)A1(6.3a) [build 3.0(0)A1(6.3a) adbuild_02:16:25-2008/02/02_/auto/adbu-rel3/ws/rel_3_0_0_a1_6.3-thr
ottle/REL_3_0_0_A]
system image file: [LCP] disk0:c6ace-t1k9-mz.3.0.0_A1_6_3a.bin
installed license: ACE-08G-LIC ACE-VIRT-020 ACE-SSL-10K-K9
Hardware
Cisco ACE (slot: 2)
cpu info:
number of cpu(s): 2
cpu type: SiByte
cpu: 0, model: SiByte SB1 V0.2, speed: 700 MHz
cpu: 1, model: SiByte SB1 V0.2, speed: 700 MHz
memory info:
total: 957640 kB, free: 347924 kB
shared: 0 kB, buffers: 1588 kB, cached 0 kB
cf info:
filesystem: /dev/cf
total: 1014624 kB, used: 360960 kB, available: 653664 kB
last boot reason: NP 0 Failed : NP ME Hung
configuration register: 0x1
Could you please advise whether there is any bug in the above software version i.e. it removes the root certs due to heavy transaction load.
Thanks.
Solved! Go to Solution.
03-06-2009 05:39 AM
Upgrade to A2(1.3)
CSCsl96203: SSL certificate is lost from user context after reboot/crash
Gilles.
03-06-2009 05:39 AM
Upgrade to A2(1.3)
CSCsl96203: SSL certificate is lost from user context after reboot/crash
Gilles.
03-06-2009 08:58 AM
I wanted to look for more details regarding this bug id. But I got the below message in Bug Toolkit. Please advise...
CSCsl96203 Bug Details
Information contained within bug ID CSCsl96203 is only available to Cisco employees. It is our policy to make all externally-facing bugs available in Bug Toolkit so the system administrators have been automatically alerted to the problem. By choosing to save this bug, you may be notified when the decision to make this bug available to you has been made. Note: Some product enhancement requests and documentation error bugs may not be available in Bug Toolkit.
03-06-2009 09:33 AM
Hi,
I have downloaded the A2(1.3) version but I am not able to find any release notes detailing bug resolution list etc.
Also, can I do a direct upgrade from current version to A2(1.3).
Thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide