Applicable Delphix Versions
All Sub Releases
After upgrading Delphix Engine to 220.127.116.11 from 18.104.22.168 the connection to the Delphix Reporting Engine was lost.
The Delphix Reporting Engine was version 1.5.
The failed connection will be reported as "Error: Received fatal alert: handshake failure" from the Engine Summary view.
Please note, in the above example the Engine is still reported as 22.214.171.124 because since the upgrade to 126.96.36.199 Delphix Reporting has been unable to establish a connection.
The issue is introduced because Delphix Reporting 1.5 uses Java 7 (1.7.0_121) and the Cipher Suite available with this version of Java is not enabled (by default) for an Engine running 188.8.131.52. As a consequence, the Cipher suite negotiation between the two nodes does not complete so the Transport Layer Security (TLS) Handshake Protocol fails.
The following workarounds are available:
1. Upgrade Delphix Reporting to 2.0
2. Install a later version of Java on the Delphix Reporting Host. Testing indicated at least Java 1.7u201 or Java 1.8u201 is sufficient.
3. Enable the HTTPS Cipher from the 184.108.40.206 Delphix Engine. In this case we were able to reestablish connectivity by enabling the following Cipher.
Ultimately it is the decision of the customer's security team to decide whether enabling the Cipher is acceptable. However, turning them on merely returns the customer to the same state they were in prior to the upgrade.
From 5.3.2 it is possible to enable individual Ciphers in Network Security Settings in Setup.
- ESCL-2313 Delphix Reporting HTTPS connection to Delphix engine breaks after upgrade to 220.127.116.11