Loading...
Loading...
SyncIQ jobs with encryption fail with errors: Source cluster: 2024-06-06T09:46:51.280185+02:00 <3.3> SOURCENODEXXXX-XX(id1) isi_migrate[65129]: coord[POLICYXX:1717660008]: 1 time(s) tls_connect failure: An SSL handshake failure occurred while establishing an encrypted connection to the target cluster. Please view the logs on the source and target for further details. SSL error string: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure [ISI_TLS_ERROR_HANDSHAKE] Target cluster should have this string routines:ssl3_get_client_hello:no shared cipher : 2024-06-06T09:46:51.293694+02:00 <3.2> TARGETNODEXXX-XX(id4) isi_migrate[11059]: secondary: An SSL handshake failure occurred while establishing an encrypted connection with the source cluster. Please view the logs on the source and target for further details. SSL error string: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher [ISI_TLS_ERROR_HANDSHAKE]
A PowerScale cluster on or being upgrades to OneFS 9.7+ or 9.5.1 can fail TSL or SSL handshake with target cluster running older versions of OneFS.
Upgrading the target cluster first can prevent this issue from happening. Upgrade the target cluster to the latest OneFS version for compliance on FIPS/STIG clusters. Workaround: Modify SyncIQ policies to use the specified list of ciphers: isi sync policies modify <POLICY_NAME> --encryption-cipher-list="aRSA+AES:ECDSA+AES:-SHA:@STRENGTH" Once the target cluster is upgraded, revert the cipher list back to the default: isi sync policies modify <POLICY_NAME> --encryption-cipher-list=""
Click on a version to see all relevant bugs
Dell Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.