Symptom
ISE Application server will crash and stuck initializing/not running after a successful TCP handshake with a secure syslog server.
This happened due to an issue building the Client hello. where ISE tries to check its trust chain.
Conditions
-not limited to ISE 3.1 patch 7. Other patches faced the issue as well
-any node that joins the deployment will face the issue if it starts the TCP handshake with Syslog server.
-de registering the node will carry the defect symptoms (crash will be seen when it is standalone)
-the TLS handshake will not be reached. (syn, syn/ack, ack) is enough
Workaround
-fix to be implemented.
-we have to block communication with secure syslog server, or disable it. Node will get up, a reload might be needed.
Further Problem Description
