跳转到主内容

外部密钥管理器状态显示一个节点不可用

Views:
6
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
encryption
Last Updated:

适用于

KMIP 服务器
外部密钥管理器

问题

根据 EMS 日志,集群中部分节点(并非所有节点)与 KMIP 服务器的加密连接似乎在一秒内断开并重新连接。
 
EMS 上显示的内容示例:

Sat Sep 19 07:29:53 UTC [node-n1: mgwd: km.keyserver.notavailable:alert]: The external key management server "10.1.2.3:5696" is not available for Vserver "vserv001", status: "unknown".
 
Output of 'security key-manager external show-status' indicates kmip server is not accessible by node-n2:
cluster::> security key-manager external show-status

 

Node      Vserver      Key Server                                                             Status
-------   ----------   ---------------------------------------------------------------        ---------
node-n1
           vserv001
                     10.1.2.3:5696                                                         available
                        10.1.2.4:5659                                                         available


node-n2
           vserv001
                       10.1.2.3:5696                                                         unknown
                       10.1.2.4:5659                                                         unknown

node-n3
           vserv001
                       10.1.2.3:5696                                                         available
                       10.1.2.4:5659                                                         available
node-n4
           vserv001
                      10.1.2.3:5696                                                         available
                      10.1.2.4:5659                                                         available

 

 

CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support