Example of the error output:

The FortiWeb console connection displays error messages as shown in the image below after upgrading the FortiWeb firmware version to v7.6.6.

Sample Image:

Export the system debug file from the FortiWeb management pane and extract the system debug file. Open the console.log file, which shows the output from the console display.

Identify the error messages:

FortiWeb parses the full config and reloads it into the system after the firmware upgrades and reboots. A parsing error would mean that FortiWeb failed to parse the specific config line after upgrading the firmware version. To identify the error, scan and check through the CMDB log files to look for the parsing error lines.

CMDB sample logs:

Explanation of the parsing error messages:

In previous firmware versions, the line config line 'set ssl-custom-cipher' existed in the server pool’s members setting even if the SSL-cipher is not using a custom cipher list. In certain conditions, the 'set ssl-custom-cipher' may cause HA synchronization issues, which have now been fixed in v7.6.6.

It has now been changed that the line 'set ssl-custom-cipher' can only co-exist when the server pool’s member has enabled custom SSL-cipher settings 'set ssl-cipher custom'.

Sample image when ssl-cipher is in the default value 'medium':

Sample image when ssl-cipher changed to 'custom':

Impact of the parsing error message:

It is the correction of the config, whereas the line 'ssl-custom-cipher' exists only when the server pool’s member is configured to have a custom SSL cipher list 'set ssl-cipher custom'. These errors are not impacting the FortiWeb services.

Related document: