Alert on Unisphere when retrieving or refreshing the technical advisory with a configured proxy.
Alert Text: Failed to get technical advisory with configured proxy https://xxxxxxxxxxxxxx
Troubleshooting:
Curl the colu server (the Dell server responsible for retrieving technical advisories) without the proxy. Server times out as communication is not allowed outside the user's environment without a proxy server.
curl -X POST https://colu.emc.v ; date
Thu Oct 22 09:13:32 UTC 2021
Hostname was NOT found in DNS cache
Trying 168.x.x.x
connect to 168.x.x.x port 443 failed: Connection timed out
Failed to connect to colu.emc.com port 443: Connection timed out
Closing connection 0
curl: (7) Failed to connect to colu.emc.com port 443: Connection timed out
Thu Oct 22 09:15:39 UTC 2020
Curl the colu server using the proxy server, returns "HTTP/1.1 400 Bad Request."
curl -x http://<proxy_server_ip>:<port> -X POST https://colu.emc.com:443/soap/rpc -H "Content-Type: text/xml;charset=UTF-8" -H " SOAPAction:" -v
* Hostname was NOT found in DNS cache
* Trying 10.x.x.x
* Connected to 10.x.x.x (10.x.x.x) port x (#0)
* Establish HTTP proxy tunnel to colu.emc.com:443
> CONNECT colu.emc.com:443 HTTP/1.1
> Host: colu.emc.com:443
> User-Agent: curl/7.37.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
<
* Proxy replied OK to CONNECT request
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs/
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, Certificate (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
* subject: C=US; ST=Texas; L=Round Rock; O=Dell; CN=colu.emc.com
* start date: 2020-08-25 03:21:00 GMT
* expire date: 2022-08-25 03:21:00 GMT
* subjectAltName: colu.emc.com matched
* issuer: C=US; O=Entrust, Inc.; OU=See www.xxx.net/x; OU=(c) 2012 Entrust, Inc. - for authorized use only; CN=Entrust Certification Author ity - L1K
* SSL certificate verify ok.
> POST /soap/rpc HTTP/1.1
> User-Agent: curl/7.37.0
> Host: colu.emc.com
> Accept: */*
> Content-Type: text/xml;charset=UTF-8
>
< HTTP/1.1 400 Bad Request
< Date: Thu, 18 Feb 2021 10:55:45 GMT
* Server dell is not blacklisted
< Server: dell
< Content-Type: text/html;charset=utf-8
< X-Content-Type-Options: nosniff
< Vary: Accept-Encoding
< Connection: close
< Transfer-Encoding: chunked
<
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head><title>400 Bad Request</title></head>
<body>
<h1>Bad Request</h1>
<h3>The request sent by the client was syntactically incorrect.</h3>
</body>
* Closing connection 0
* SSLv3, TLS alert, Client hello (1):
Cause
The the connection between colu.emc.com and the proxy server was closed before the application data received from colu.emc.com could be fully sent to the Unity array. This appears to be due to the way curl handles the connections.
Resolution
This issue could not be reproduced in the new release. New release upgraded the curl lib to 7.63.0, while older release uses 7.50.2.
An upgrade to the next release should address this issue.
Temporary workarounds:
Do Not use a proxy server.
Disabling or deactivating the alert.
