When rebooting or upgrading an SSL Visibility appliance the image verification fails with the message, "Image verification failed: The message did not match the PKCS7 signature". This will happen for all installed images and eventually lead to the message, "No bootable image found!".

At this point the SSL Visibility appliance will be unable to boot.

"Image verification failed: The message did not match the PKCS7 signature"

"No bootable image found!"

Any SSL Visibility Appliance running 4.x software images could potentially be affected.

This issue is caused by an expired certificate used to validate the images.

The solution is to upgrade to a GA release signed by a valid certificate. Please follow the steps below.

1. Login through GUI/CLI

• Disable NTP.
• Set date to November 10, 2018.

2. Upgrade the SSLV with a patched image

• Available images are SSLV 4.4.1.5, 4.3.2.4, 4.2.6.2 or 4.4.2.1 and later.
• Reboot

3.Once rebooted

• Enable NTP and set date back to current
• Delete all prior images

If the SSL Visibility is already in a non-bootable state please contact Symantec support and provide the appliance serial number and model. Serial console access or a VGA monitor with keyboard will be required to view the boot process.