THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Revision | Publish Date | Comments |
---|---|---|
1.0 |
19-Dec-17 |
Initial Release |
Affected OS Type | Affected Release | Affected Release Number | Comments |
---|---|---|---|
NON-IOS |
11 |
11.5(1) |
Defect ID | Headline |
---|---|
CSCve61410 | ECE 11.5 install fails at Blueboard |
Customers who upgrade from E-Mail Interaction Manager (EIM) / Web Interaction Manager (WIM) to Enterprise Chat & Email (ECE) or install ECE Release 11.5(1) might encounter Cisco bug ID CSCve61410 in the upgrade process.
Java 8 uses Transport Layer Security (TLS) v1.2 (the highest level protocol available on the host machine) in order to negotiate with the database server. Since the Java Database Connectivity (JDBC) driver used in the 11.5(1) installer contains an older sqljdbc4 file, there is a 5-10% chance that customers might encounter this symptom. This file is ONLY used in the installation process and does not affect or impact operations of production systems.
In the installation process, the installer might intermittently fail to establish a connection to the Structured Query Language (SQL) server. The 11.5(1) installer (and installer ONLY, this is not applicable for post-install production) uses a slightly older JDBC driver in order to establish a secure connection to a SQL server that uses Secure Sockets Layer (SSL) encryption. ECE Release 11.5(1) installs Java 8 which uses TLSv1.2 in order to negotiate the connection to the database server and because the JDBC driver contains a slightly older sqljdbc4 file, there is a 5% - 10% chance that customers might encounter this symptom.
Detection
If you are impacted by this defect, one of these issues might occur:
If you encounter either of those issues, investigate the upgrade_installer logs located in one of these locations and look for the trace message.
Locations of Installer Logs
If the file server is already installed:
Cisco_Home\eService\installation\logs\eg_log_Server_Name_eGainInstaller.log
If it is a new installation:
C:\Users\Your_Username\AppData\Local\Temp\egain_installer_Server_Name.log
Trace Message
The driver could not establish a secure connection to SQL Server by using SSL encryption. Error: "SQL Server returned an incomplete response. The connection has been closed.". <@>
com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "SQL Server returned an incomplete response. The connection has been closed.".
at com.microsoft.sqlserver.jdbc.SQLServerConnection.terminate(SQLServerConnection.java:1352)
at com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1533)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:1042)
Once you confirm the issue, follow the workaround steps in the next section in order to resolve the issue.
In order to add a Java Virtual Machine (JVM) parameter (Djdk.tls.client.protocols=TLSv1) to manually force Java 8 to use TLSv1 in the install/upgrade process, complete these steps:
Do not proceed with the install, but simply keep the installer up and running until you proceed to step 7.
Open a Microsoft Windows temp folder. (Click Start. In the Search field, enter Run. In the Open field, enter %temp%.)
When you run the installer again as instructed in step 1, a new folder is created in the Windows temp folder which is the extract of the installer. (The folder in the Windows temp folder is created dynamically with a name that starts with capital letter I. For example, I1483955861.)
Copy the temp folder (for example, I1483955861) from the Windows temp folder location to the Desktop and stop the installer.
From the folder copied to the Desktop, open the setup.lax file via any text editor such as Notepad or TextPad (for example, \Desktop\I1483955861\Windows\setup.lax).
In order to modify the property named lax.nl.java.option.additional, append the parameter -Djdk.tls.client.protocols=TLSv1 to it. For example, if the property is:
lax.nl.java.option.additional=-XX:MaxPermSize=256M -Xss192K
change it to
lax.nl.java.option.additional=-XX:MaxPermSize=256M -Xss192K -Djdk.tls.client.protocols=TLSv1
Save the updated setup.lax file.
Cancel the installation.
Copy the updated folder from the Desktop location to the temp folder in the Windows location (replace the existing folder).
From the Windows temp folder, open the updated folder (per the example, I1483955861)\Windows. Right-click the setup.exe file and click Run as the administrator.
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
Cisco Notification Service—Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.
Unleash the Power of TAC's Virtual Assistance