Avamar: Back-end-Bericht (DD) schlägt nach dem Upgrade von Data Domain OS fehl

Summary: Der Avamar-Back-end-Bericht (DD) schlägt nach dem Upgrade von Data Domain OS fehl.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

Der Avamar-Back-end-Bericht (DD) schlägt nach dem Upgrade von Data Domain OS fehl.

Der in der mcserver.log angezeigte Fehler lautet: 
com.avamar.mc.rpt.job.BackendCapacityDDReportJob.publishStatus
WARNING: I/O error: Fatal Alert received: Handshake Failure.; nested exception is javax.net.ssl.SSLException: Fatal Alert received: Handshake Failure.
org.springframework.web.client.ResourceAccessException: I/O error: Fatal Alert received: Handshake Failure.; nested exception is javax.net.ssl.SSLException: Fatal Alert received: Handshake Failure.
        at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:453)
        at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:415)
        at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:391)
        at com.avamar.mc.rpt.bcrdd.AuthSession.authenticate(AuthSession.java:87)
        at com.avamar.mc.rpt.job.BackendCapacityDDReportJob.authenticate(BackendCapacityDDReportJob.java:634)
        at com.avamar.mc.rpt.job.BackendCapacityDDReportJob.submit(BackendCapacityDDReportJob.java:244)
        at com.avamar.mc.rpt.job.BackendCapacityDDReportJob.run(BackendCapacityDDReportJob.java:130)
        at com.avamar.mc.rpt.job.ReportManager$1.run(ReportManager.java:88)
        at java.lang.Thread.run(Unknown Source)
Caused by: javax.net.ssl.SSLException: Fatal Alert received: Handshake Failure.
        at com.rsa.sslj.x.aH.a(Unknown Source)
        at com.rsa.sslj.x.aH.a(Unknown Source)
        at com.rsa.sslj.x.aH.a(Unknown Source)
        at com.rsa.sslj.x.ap.c(Unknown Source)
        at com.rsa.sslj.x.ap.a(Unknown Source)
        at com.rsa.sslj.x.ap.j(Unknown Source)
        at com.rsa.sslj.x.ap.i(Unknown Source)
        at com.rsa.sslj.x.ap.h(Unknown Source)
        at com.rsa.sslj.x.aS.startHandshake(Unknown Source)
        at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394)
        at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:353)
        at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:134)
        at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)
        at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380)
        at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
        at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)
        at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
        at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
        at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55)
        at org.springframework.http.client.HttpComponentsClientHttpRequest.executeInternal(HttpComponentsClientHttpRequest.java:88)
        at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:46)
        at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:49)
        at org.springframework.http.client.InterceptingClientHttpRequest$RequestExecution.execute(InterceptingClientHttpRequest.java:91)
        at com.avamar.mc.datadomain.DdrRestClient$1.intercept(DdrRestClient.java:92)
        at org.springframework.http.client.InterceptingClientHttpRequest$RequestExecution.execute(InterceptingClientHttpRequest.java:81)
        at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:67)
        at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:46)
        at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:49)
        at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:438)
        ... 8 more

Cause

Das Data Domain-Betriebssystem verwendet neue Verschlüsselungen, die nicht im mcserver.xml in Avamar angegeben sind.

Resolution

Auf dem Avamar Server sollten keine Backups, Wiederherstellungen oder Replikationen ausgeführt werden.

Erstellen Sie eine Kopie von /usr/local/avamar/var/mc/server_data/prefs/mcserver.xml.

Beenden Sie den MCS-Service.

Aktualisieren Sie die folgenden Einträge im mcserver.xml: 
<entry key="ddr_rest_supported_cipher_suites"
and
<entry key="ssl_ciphers"
Stellen Sie sicher, dass die folgenden Chiffren in beiden Einträgen vorhanden sind: 
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

Starten Sie den MCS-Service

. Der Avamar-Back-end-Bericht (DD) sollte jetzt funktionieren.

Affected Products

Avamar Server
Article Properties
Article Number: 000220880
Article Type: Solution
Last Modified: 16 Feb 2024
Version:  2
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.