Reset Search



KB44238 - vTM GUI becomes inaccessible after upgrading to 18.3 or above

« Go Back


Last Modified Date7/31/2019 3:36 PM

If you are planning on upgrading to either 18.3(r1), 19.1 or 19.2 and if you have configured any custom ciphers for the admin server (i.e. System > Security > SSL Settings for Admin Server and Internal Connections > admin!ssl3_ciphers), the GUI may become inaccessible after the upgrade.

In 18.3 and above, vTM introduces a new version of TLS (1.3) which requires two ciphers[1] that are automatically appended to the list of any custom ciphers when TLS 1.3 is enabled. But due to a bug (VTM-41769) in the vTM upgrade script, it fails to append the ciphers[1] to the list of custom ciphers in admin!ssl3_ciphers. This breaks the GUI for most browsers that try to use TLS 1.3.

[1] TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384

The workaround is to edit the file $ZEUSHOME/admin/global.cfg and append your custom ciphers followed by the above 2 ciphers, as below:

tuning!ssl3_ciphers <custom list>,TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384

Replace the <custom list> with the list of ciphers. You can get the list from $ZEUSHOME/zxtm/conf/settings.cfg, e.g. 

grep ssl3_ciphers $ZEUSHOME/zxtm/conf/settings.cfg
admin!ssl3_ciphers <custom list>


Then restart the admin server using the following command:

$ZEUSHOME/admin/rc restart

($ZEUSHOME is the installation directory, e.g. /usr/local/zeus or /opt/zeus, etc) 

Note: Restarting the admin server doesn’t affect the client traffic.

This issue has been raised as VTM-41769, please search for this in future release notes to see if it's been fixed.  If it hasn't been and the workaround is needed, please raise a support case so we can add your details to the above bug to raise its priority.

Problem or Goal
Related Links
Attachment 1 
Created ByYousaf Shah



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255