Security

Hello 

I want to upgrade a Juniper SRX 340 to version 20.2R3.

I did a software validate of the package. I have an error message coming up, despite a Validation succeeded at the end.

The problem is identical on the 2 chassis of the cluster.

Is this error blocking and will it cause problems, or can we ignore it?

Below are the returns of the command:

 

{node1}

> file list /cf/var/tmp

 

/cf/var/tmp:

appidd_trace_debug

cleanup-pkgs.log

eedebug_bin_file

gksdchk.log

gres-tp/

idp_license_info

install/

junos-srxsme-19.4R3.11.tgz

junos-srxsme-20.2R3-S4.7.tgz

kmdchk.log

krt_rpf_filter.txt

mmcq_mmdb_rep_mmcq

nsd_restart

pfe_debug_commands

phone-home/

pics/

policy_status

rtsdb/

sd-upgrade/

sec-download/

spu_kmd_init

vi.recover/

vpn_tunnel_orig.id

NODE1> file checksum md5 /cf/var/tmp/junos-srxsme-20.2R3-S4.7.tgz

MD5 (/cf/var/tmp/junos-srxsme-20.2R3-S4.7.tgz) = 096dbfdf88ecb06943b800XXXX

 

XXX_N@>XXX/COM> request system software validate /cf/var/tmp/junos-srxsme-20.2R3-S4.7.tgz

Checking compatibility with configuration

Initializing...

cp: /var/etc/extensions.allow: No such file or directory

cp: /var/db/certs/common/local/*: No such file or directory

cp: /var/db/certs/common/key-pair/*: No such file or directory

cp: /var/db/certs/common/certification-authority/*: No such file or directory

Verified manifest signed by PackageProductionECP256_2020 method ECDSA256+SHA256

Using /cf/var/tmp/junos-srxsme-20.2R3-S4.7.tgz

Checking junos requirements on /

Available space: 2528708 require: 454046

Saving boot file package in /var/sw/pkg/junos-boot-srxsme-20.2R3-S4.7.tgz

Verified manifest signed by PackageProductionECP256_2022 method ECDSA256+SHA256

Hardware Database regeneration succeeded

Validating against /config/juniper.conf.gz

Network security daemon: ssamlib error. Error code SSAMLIB_RTSLIB_ERROR

Network security daemon: rtslib: DEBUG IDL IDR Decode Error -1(Garbled Message)

mgd: commit complete

Validation succeeded

Validating against /config/rescue.conf.gz

Network security daemon: ssamlib error. Error code SSAMLIB_RTSLIB_ERROR

Network security daemon: rtslib: DEBUG IDL IDR Decode Error -1(Garbled Message)

mgd: commit complete

Validation succeeded

BR,
Zamal

------------------------------
ZAMALUDEEN ZEINOULABUDEEN
------------------------------

Hi,

I had the same error on my SRX 345 but I continued and everything worked as expected after the upgrade. In my opinion, its not a critical error otherwise the validation would not have been successful, so you are safe to proceed upgrade.

Original Message:
Sent: 08-04-2022 05:46
From: ZAMALUDEEN ZEINOULABUDEEN
Subject: Juniper SRX 340 to version 20.2R3 Error

Hello 

I want to upgrade a Juniper SRX 340 to version 20.2R3.

I did a software validate of the package. I have an error message coming up, despite a Validation succeeded at the end.

The problem is identical on the 2 chassis of the cluster.

Is this error blocking and will it cause problems, or can we ignore it?

Below are the returns of the command:

 

{node1}

> file list /cf/var/tmp

 

/cf/var/tmp:

appidd_trace_debug

cleanup-pkgs.log

eedebug_bin_file

gksdchk.log

gres-tp/

idp_license_info

install/

junos-srxsme-19.4R3.11.tgz

junos-srxsme-20.2R3-S4.7.tgz

kmdchk.log

krt_rpf_filter.txt

mmcq_mmdb_rep_mmcq

nsd_restart

pfe_debug_commands

phone-home/

pics/

policy_status

rtsdb/

sd-upgrade/

sec-download/

spu_kmd_init

vi.recover/

vpn_tunnel_orig.id

NODE1> file checksum md5 /cf/var/tmp/junos-srxsme-20.2R3-S4.7.tgz

MD5 (/cf/var/tmp/junos-srxsme-20.2R3-S4.7.tgz) = 096dbfdf88ecb06943b800XXXX

 

XXX_N@>XXX/COM> request system software validate /cf/var/tmp/junos-srxsme-20.2R3-S4.7.tgz

Checking compatibility with configuration

Initializing...

cp: /var/etc/extensions.allow: No such file or directory

cp: /var/db/certs/common/local/*: No such file or directory

cp: /var/db/certs/common/key-pair/*: No such file or directory

cp: /var/db/certs/common/certification-authority/*: No such file or directory

Verified manifest signed by PackageProductionECP256_2020 method ECDSA256+SHA256

Using /cf/var/tmp/junos-srxsme-20.2R3-S4.7.tgz

Checking junos requirements on /

Available space: 2528708 require: 454046

Saving boot file package in /var/sw/pkg/junos-boot-srxsme-20.2R3-S4.7.tgz

Verified manifest signed by PackageProductionECP256_2022 method ECDSA256+SHA256

Hardware Database regeneration succeeded

Validating against /config/juniper.conf.gz

Network security daemon: ssamlib error. Error code SSAMLIB_RTSLIB_ERROR

Network security daemon: rtslib: DEBUG IDL IDR Decode Error -1(Garbled Message)

mgd: commit complete

Validation succeeded

Validating against /config/rescue.conf.gz

Network security daemon: ssamlib error. Error code SSAMLIB_RTSLIB_ERROR

Network security daemon: rtslib: DEBUG IDL IDR Decode Error -1(Garbled Message)

mgd: commit complete

Validation succeeded

BR,
Zamal

------------------------------
ZAMALUDEEN ZEINOULABUDEEN
------------------------------