When rebooting or upgrading an SSL Visibility appliance the image verification fails with the message, "Image verification failed: The message did not match the PKCS7 signature". This will happen for all installed images and eventually lead to the message, "No bootable image found!".
At this point the SSL Visibility appliance will be unable to boot.
Any SSL Visibility Appliance running 4.x software images could potentially be affected.
"Image verification failed: The message did not match the PKCS7 signature"
"No bootable image found!"
This issue is caused by an expired certificate used to validate the images.
The solution is to upgrade to a GA release signed by a valid certificate. Please follow the steps below.
1. Login through GUI/CLI
Set date to November 10, 2018.
2. Upgrade the SSLV with a patched image
Available images are SSLV 126.96.36.199, 188.8.131.52, 184.108.40.206 or 220.127.116.11 and later.
Enable NTP and set date back to current
Delete all prior images
If the SSL Visibility is already in a non-bootable state please contact Symantec support and provide the appliance serial number and model. Serial console access or a VGA monitor with keyboard will be required to view the boot process.
Subscribing will provide email updates when this Article is updated. Login is required.