We have released Shield 1.3.1 and Shield 1.2.3 today. These are bug fix releases that fix a serialization bug in Shield 1.3.0 and Shield 1.2.2 that prevented rolling upgrades when using message authentication. Read below for all of the details and then download it here.
Shield provides support for message authentication through the use of a shared system key. In Shield 1.2.2 and 1.3.0, a bug was introduced that caused the message authentication to fail when communicating with nodes running Shield 1.2.1 or earlier. During a rolling upgrade from Shield 1.2.1 to Shield 1.2.2 or 1.3.0, the nodes running the newer version would not be able to join the cluster and would see “tampered signed text” log messages.
Upgrading from Shield 1.2.1 or earlier
If you have not upgraded to Shield 1.2.2 or 1.3.0, then you can simply follow the normal upgrade instructions and upgrade to Shield 1.2.3 or Shield 1.3.1.
Upgrading from Shield 1.2.2 or 1.3.0
The first step is to determine if you are using message authentication . If you have not configured the system-key on all nodes, you are not using message authentication; please follow the normal upgrade instructions. If you are using the message authentication feature with Shield 1.2.2 or 1.3.0, then a cluster restart upgrade will be necessary. The existing Shield plugin should be uninstalled and the new plugin should be installed on each node while they are stopped as documented in the upgrading shield documentation.
We would love to hear any feedback and questions that you may have via the Shield category in our forums.