MID Server Mutual Authentication with Instance broken after upgrade from Quebec Patch 1 to 2 - MID Server Security Policy table having values reset as "false"DescriptionThe values in MID Server Security Policy table (mid_cert_check_policy) is changed by an upgrade, causing an issue with Mutual authentication when MID Server tries to authenticate with the instance. When the MDI Server starts up after the upgrade, the config.xml file of the MID Server for the mid.ssl.bootstrap.default.check_cert_chain, mid.ssl.bootstrap.default.check_cert_hostname, mid.ssl.bootstrap.default.check_cert_revocation settings is overwritten by what is now in the mid_cert_check_policy table.Steps to Reproduce To reproduce a MID Server outage: Install a Quebec MID Server using the MSI installer, with Mutual Authentication (uTLS) for the authentication with the instance.Upgrade the instance to Quebec Patch 2.mid_cert_check_policy will have been modified by the upgrade, turning off the checks, which also has the side effect of breaking Mutual Authentication Agent log shows: 05/12/21 10:51:29 (635) StartupSequencer MID buildstamp: quebec-12-09-2020__patch2-03-17-2021_03-25-2021_192105/12/21 10:51:30 (318) StartupSequencer SEVERE *** ERROR *** SOAP Request: <SOAP-ENV:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tns="http://www.service-now.com/GetMIDInfo" xmlns:m="http://www.service-now.com" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><SOAP-ENV:Body><m:execute><roles xsi:type="xsd:string">mid_server,soap,soap_script,soap_query,soap_create,soap_delete,soap_ecc,soap_script,soap_update</roles></m:execute></SOAP-ENV:Body></SOAP-ENV:Envelope>05/12/21 10:51:30 (319) StartupSequencer SEVERE *** ERROR *** SOAP Response: Status code=401, Response body=<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Header/><SOAP-ENV:Body><SOAP-ENV:Fault><faultcode>User Not Authenticated</faultcode><faultstring>User Not Authenticated</faultstring><detail>Error completing SOAP request</detail></SOAP-ENV:Fault></SOAP-ENV:Body></SOAP-ENV:Envelope>05/12/21 10:51:30 (321) StartupSequencer WARNING *** WARNING *** Could not authenticate user 'null' on the ServiceNow instance <<== That's the clue Mutual Authentication is being used instead of a user05/12/21 10:51:30 (324) StartupSequencer SEVERE *** ERROR *** test failurejava.lang.IllegalStateException: User cannot be authenticated or is missing the proper roles. If you have deleted or changed the MID server keystore, and config.xml mid.instance.password value is encrypted, you may need to change this value to plain text (during MID startup, password is re-encrypted using current keystore and written back to mid.instance.password).at com.service_now.mid.services.StartupSequencer.runTests(StartupSequencer.java:637)at com.service_now.mid.services.StartupSequencer.startupSequencerRunnable(StartupSequencer.java:686)at java.base/java.lang.Thread.run(Thread.java:834) WorkaroundThis problem is currently under review. You can contact ServiceNow Technical Support or subscribe to this Known Error article by clicking the Subscribe button at the top right of this article to be notified when more information becomes available. Workaround the issue by making changes on the instance side in table mid_cert_check_policy to enable the checks again after upgrade.Related Problem: PRB1497802