Unable to upgrade Deep Security Manager (DSM) to version 9.5 or 9.6 due to enabled SSL configuration

- Updated:
- 24 Nov 2016
- Product/Version:
- Deep Security 9.6
- Platform:
- Linux - Red Hat RHEL 6 64-bit
- Windows 2003 Standard 64-bit
- Windows 2008 Enterprise 64-bit
- Windows 2008 Standard 64-bit
- Windows 8 64-bit
- Windows 8.1 64-bit

Summary

The SSL configuration is disabled by default. However, this setting can be activated to encrypt the communication between DSM and Microsoft SQL Server.

When the SSL configuration is enabled on DSM 9.0 or 9.5, the DSM fails to upgrade to version 9.5 or 9.6.

Details

As a workaround:

Prior to DSM 9.5 or 9.6 upgrade, verify if the communication between DSM and MS SQL Server is encrypted.
1. Find the dsm.properties file under the following locations:
  - For Windows, go to \Deep Security Manager\webclient\webapps\ROOT\WEB-INF folder.
  - For Linux, go to /opt/dsm/webclient/webapps/ROOT/WEB-INF/ directory.
2. Look for the "database.SqlServer.ssl=require" parameter. If this line exists, the SSL configuration is enabled.
Deactivate the SSL configuration.
1. Stop the Deep Security Manager service.
2. Delete "database.SqlServer.ssl=require" from the dsm.properties file.
3. Restart the Deep Security Manager service.
Upgrade the DSM to version 9.5 or 9.6.
Once the upgrade is completed, add the "database.SqlServer.ssl=require" line back to dsm.properties file.