Not able to connect to HTTPS web sites that use ECDHE cipher suites after upgrading to R77.30.
Traffic capture on Security Gateway shows that SSL handshake fails.
Debug of WSTLSD daemon (per sk105559) shows that SSL handshake fails because ECDHE cipher was not found:
cptls_hs_event_handler: event CPTLS_HS_ALERT, buf_len = 2
cptls_hs_record_alert: called. alert level: CPTLS_fatal description: CPTLS_handshake_failure
cptls_hs_record_alert: SNI_name: www.MyCompany.Example
cptls_Alert_Cache::add_hostname: host_name: www.MyCompany.Example
... ... ...
cptls_sni_in_alert_cache: SNI_name: www.MyCompany.Example
cptls_Alert_Cache::find_hostname: found host_name www.MyCompany.Example in cache.
cptls_sni_in_alert_cache: is_exist for sni www.MyCompany.Example: 1
cptls_params_imp::Get_Filtered_CipherSuites: start. m_propose_ecdhe: 2, sni_in_cache: 1
cptls_ecdhe_cipher_exists: ecdhe cipher not found.
Security Gateway does not propose the ECDHE cipher suites.