OPERATIONAL DEFECT DATABASE
...
...
When performing a search for connection events having SSL Failure Reason as 'Decryption Error' there will be no results even though in the Dashboard->Connection Summary->SSL->SSL Decryption Failure Reasons the 'Decryption Error' counter is non-zero.
A SSL policy with Decrypt-Resign is applied and traffic matches the policy.
N/A
Brief investigations show that the likely cause is missing decryption error entries in rna_flow_stats_* while the ssl_stats_* tables are populated correctly with decryption error stats. This may explain the non-zero counters in the dashboard and zero results of the connection events. select count(decryption_error) from ssl_stats_day_1609891200_0; +-------------------------+ | count(decryption_error) | +-------------------------+ | 8 | +-------------------------+ 1 row in set (0.00 sec) mysql> select count(*) from rna_flow_stats_1607689200_0 where ssl_flow_status=10; +----------+ | count(*) | +----------+ | 0 | +----------+ 1 row in set (1.10 sec) select count(*) from rna_flow_stats_1609095060_0 where ssl_flow_status=10; +----------+ | count(*) | +----------+ | 0 | +----------+ 1 row in set (0.65 sec) select * from ssl_flow_status; +----+----------------------------------------------+---------------------+ | id | name | last_mod | +----+----------------------------------------------+---------------------+ | 3 | Uncached Session | 2020-12-09 10:02:30 | | 9 | Handshake Error | 2020-12-09 10:02:30 | | 10 | Decryption Error | 2020-12-09 10:02:30 |
Cisco Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
