01-06-2017 08:00 AM
Hello,
I've upgraded from 10.0.0-203 to the latest MD release 10.0.1-083 and immediately received these errors when trying to test the SSL outbound connection.
tlsverify
Checking TLS connection.
Application fault occured: ('egg/coro_ssl.py create|147', "<type 'exceptions.AttributeError'>", "'NoneType' object has no attribute 'ssl'", '[egg/omh.py remote_cmd_tls_verify|10602] [egg/omh.py try_connect_verify|10418]
[egg/tls_verify.py connect_verify|95] [egg/coro_ssl.py create|147]').
The workraound was to change the ssl configuration from TLS 1.0,1.1,1.2 to, for example, only use TLS 1.2. and afterwards back to something else.
We left it to only use TLS v1.2.
We have a C100v and a C170, and had to do this on both appliances.
Are you guys having the same problems after upgrading? (It's out since yesterday 5th of January)...
Regards,
Marijo
Solved! Go to Solution.
01-12-2017 08:45 PM
Hello,
Just an FYI 10.0.1-087 has now been released which resolves this issue.
Thanks!
-Dennis M.
01-06-2017 08:23 AM
Hi Marijo,
I do see a couple of recent sightings of this error after the upgrade and is currently being investigated to determine if a new defect would need to be filed.
I would recommend opening a TAC case (if not already) to assist with logs needed for investigation.
Regards,
Libin Varghese
01-11-2017 04:25 AM
Just updating this as more information has come out - I opened a case and the current workaround is as follows: (of course, bug fix s/b coming soon from Cisco)
To apply workaround, we changed a configuration setting under:
sslconfig -> outbound -> "outbound SMTP ssl cipher.”
Change the ciphers config and added ":-EXPORT” twice commit After suspend / resume the delivery is working.
You may change the setting back to it's original configuration and the workaround will persist ( just remove the last :-EXPORT part). However, after any reboot, the appliance may once again encounter the error.
01-06-2017 05:35 PM
Hello,
A defect was created today for the application fault you experienced after upgrading to 10.0.1-083 (MD).
TLS delivery breaks if first connection after boot is CPQ
Please note it may take 2-3 business days for the bug to become publicly visible. At this point in time, we do not recommend upgrading to 10.0.1-083 (MD) until this has been resolved.
As a temporary workaround, you can change one of the settings under Mail Policies --> Destination Controls --> TLS (IE: Preferred) to something else (IE: Preferred to Preferred-Verify) --> Submit --> Commit --> Change back (IE: Preferred-Verify back to Preferred) --> Submit --> Commit.
Thanks!
-Dennis M.
01-12-2017 08:45 PM
Hello,
Just an FYI 10.0.1-087 has now been released which resolves this issue.
Thanks!
-Dennis M.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide