Known Issues

Report Number	Description
SD-11964	Spurious email warning when restoring a Services Director backup. Under certain circumstances, when restoring a backup of the Services Director the admin can receive an email warning of 'Crash of process x86_64'. This does not represent a problem and can be safely ignored.
SD-12558	Upgrading a HA pair of Services Directors may require the use of the ssc database validation-err ignore command on the Secondary node. When performing an upgrade of a Services Director HA pair, the user may be presented with an error message "Cannot validate service configuration or database. Please check log for details. Use the command 'ssc database validation-err ignore’ to override validation result and redo image install/upgrade." If appearing on the second node to be upgraded, the warning can safely be disregarded and the ssc database validation-err ignore command used to allow the upgrade to progress. If appearing on the first node to be upgraded, it may indicate a problem with Services Director's inventory; users should consult Pulse Secure Support in this case.
SD-12564	The "Connection duration" metric in analytics application is called "Transaction duration" in the extended filter panel. Users of the analytics application Explore view wishing to perform filtering on the basis of connection durations should use the "Transaction Duration" field in the extended filter panel. The "Transaction Duration" field is equivalent to connection duration for connection-based vServers.
SD-12652	Upgrading a HA pair directly from versions earlier than 17.1 to version 18.1 or later can fail to update internal passwords. Customers following affected upgrade paths should run the CLI command ssc high-avail refresh-state after the upgrade on the Primary node, and (once that is complete) also on the Secondary node. Note that standalone Primary nodes are unaffected by this issue.
SD-13085	Creating HA primary node after 'ssc high-avail reset' leaves Services Director service stopped. Restarting the Services Director service through "System->Service Status" or the CLI command "pm process ssc restart" will restore the services.
SD-13108	Disabling NTP and setting time manually causes Services Director service to terminate. To workaround this issue, reboot the Services Director VA after changing the time.
SD-13881	The following validation error can erroneously be seen when upgrading a Secondary Services Director from version 2.4r1: "% Cannot validate service configuration or database. Please check log for details. Use command 'ssc database validation-err ignore' to override validation result and redo image install/upgrade." It is safe to follow the indicated instructions to override the validation.
SD-13913	Executing the ssc high-avail force-failover CLI command on AWS can result in the following error: "% Failed to fetch operation status: Service endpoint IP address <IP> not raised on interface primary". Force failover can be successfully executed via the Services > Manage HA page of the GUI when logged in to your secondary Services Director."
SD-14000	Setting the SSL cipher list to contain only unsupported ciphers disables parts of the CLI and breaks Instances page. To workaround this issue, manually modify the file /opt/riverbed-ssc/conf/ssc_config.ini to use the following default ciphers: ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!aNULL:!MD5:!DSS:DH+AES256 Then, restart Services Director using the command: pm process ssc restart.
SD-14071	Services Director comms channel links to individual vTM instances can in rare circumstances become blocked. This is recognisable by repeated occurrences of "Error: Second connection attempt from <uid>" in the Services Director Log and a corresponding monitoring failure. The workaround for this problem is to restart the Services Director API (System > Service Status > Restart on the VA, see the Services Director Advanced User Guide for Ubuntu and CentOS).

SD-11964

Spurious email warning when restoring a Services Director backup. Under certain circumstances, when restoring a backup of the Services Director the admin can receive an email warning of 'Crash of process x86_64'. This does not represent a problem and can be safely ignored.

SD-12558

Upgrading a HA pair of Services Directors may require the use of the
ssc database validation-err ignore command on the Secondary node. When performing an upgrade of a Services Director HA pair, the user may be presented with an error message "Cannot validate service configuration or database. Please check log for details. Use the command 'ssc database validation-err ignore’ to override validation result and redo image install/upgrade." If appearing on the second node to be upgraded, the warning can safely be disregarded and the ssc database validation-err ignore command used to allow the upgrade to progress. If appearing on the first node to be upgraded, it may indicate a problem with Services Director's inventory; users should consult Pulse Secure Support in this case.

SD-12564

The "Connection duration" metric in analytics application is called "Transaction duration" in the extended filter panel. Users of the analytics application Explore view wishing to perform filtering on the basis of connection durations should use the "Transaction Duration" field in the extended filter panel. The "Transaction Duration" field is equivalent to connection duration for connection-based vServers.

SD-12652

Upgrading a HA pair directly from versions earlier than 17.1 to version 18.1 or later can fail to update internal passwords. Customers following affected upgrade paths should run the CLI command ssc high-avail refresh-state after the upgrade on the Primary node, and (once that is complete) also on the Secondary node. Note that standalone Primary nodes are unaffected by this issue.

SD-13085

Creating HA primary node after 'ssc high-avail reset' leaves Services Director service stopped. Restarting the Services Director service through "System->Service Status" or the CLI command "pm process ssc restart" will restore the services.

SD-13108

Disabling NTP and setting time manually causes Services Director service to terminate. To workaround this issue, reboot the Services Director VA after changing the time.

SD-13881

The following validation error can erroneously be seen when upgrading a Secondary Services Director from version 2.4r1: "% Cannot validate service configuration or database. Please check log for details. Use command 'ssc database validation-err ignore' to override validation result and redo image install/upgrade." It is safe to follow the indicated instructions to override the validation.

SD-13913

Executing the ssc high-avail force-failover CLI command on AWS can result in the following error: "% Failed to fetch operation status: Service endpoint IP address <IP> not raised on interface primary". Force failover can be successfully executed via the Services > Manage HA page of the GUI when logged in to your secondary Services Director."

SD-14000

Setting the SSL cipher list to contain only unsupported ciphers disables parts of the CLI and breaks Instances page. To workaround this issue, manually modify the file /opt/riverbed-ssc/conf/ssc_config.ini to use the following default ciphers:

ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!aNULL:!MD5:!DSS:DH+AES256

Then, restart Services Director using the command: pm process ssc restart.

SD-14071

Services Director comms channel links to individual vTM instances can in rare circumstances become blocked. This is recognisable by repeated occurrences of "Error: Second connection attempt from <uid>" in the Services Director Log and a corresponding monitoring failure. The workaround for this problem is to restart the Services Director API (System > Service Status > Restart on the VA, see the Services Director Advanced User Guide for Ubuntu and CentOS).