암호화된 SyncIQ 정책이 실패하며 "SSLv3 alert unsupported certificate" 표시

SyncIQ의 암호화는 클라이언트 및 서버 인증을 모두 사용합니다. 

체인 인증서 "certificate imported in server/peer store of SyncIQ"의 끝은 한 가지 유형의 인증 "Typically it will be server authentication only"만 사용하도록 구성됩니다.

확인 및 체크:

a) isi_migrate.logs에서:

클러스터에서:
--------------
# isi_for_array -sQ ' grep "An SSL handshake failure occurred while establishing" /var/log/isi_migrate.log | grep coord ' | sort | tail -5 

로그에서:
------------
$ grep -h "An SSL handshake failure occurred while establishing" */varlog.tar/log/isi_migrate.log | grep coord | sort | tail -5 

예상 오류:
---------------------
TTTTTTTTTTTTTTT <3.3> xxxxxxxxxx-4(id8) isi_migrate[57638]: coord[xxxxxxxxxx:TTTTTTTTTTTT]: siq_create_alert_internal: type: 22 (policy name: xxxxxxxxxx target: xxxxxxxxxx) SyncIQ policy failed to establish an encrypted connection with target. An SSL handshake failure occurred while establishing an encrypted connection to the target cluster. Please view the logs on the source and target for further details. SSL error string: error:14094413:SSL routines:ssl3_read_bytes:sslv3 alert unsupported certificate [ISI_TLS_ERROR_HANDSHAKE], Target: xxxxxxxxxx

b) 서버/피어 인증 스토어에서

클러스터에서:
--------------
# openssl x509 -text -noout -in /ifs/.ifsvar/modules/isi_certs/synciq/peer/zone_1/certs/<ID>.crt | grep -A1 "X509v3 Extended Key Usage"

# openssl x509 -text -noout -in /ifs/.ifsvar/modules/isi_certs/synciq/server/zone_1/certs/<ID>.crt | grep -A1 "X509v3 Extended Key Usage"

로그에서:
------------
$ openssl x509 -text -noout -in local/ifsvar_modules.tar/modules/isi_certs/synciq/peer/zone_1/certs/<ID>.crt | grep -A1 "X509v3 Extended Key Usage"

$ openssl x509 -text -noout -in local/ifsvar_modules.tar/modules/isi_certs/synciq/server/zone_1/certs/<ID>.crt | grep -A1 "X509v3 Extended Key Usage"

위 명령어의 결과는 "TLS Web Server Authentication" 확인 전용이거나 "TLS Web Client Authentication" 확인 전용입니다.

올바른 출력은 "TLS Web Server Authentication" 및 "TLS Web Client Authentication" 모두를 찾는 것입니다.