跳转到主内容

外部密钥管理器状态显示一个节点不可用

Views:
8
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
encryption
Last Updated:

适用于

KMIP 服务器
外部密钥管理器

问题

根据 EMS 日志,集群中部分节点(并非所有节点)与 KMIP 服务器的加密连接似乎在一秒内断开并重新连接。
 
EMS 上显示的内容示例:

Sat Sep 19 07:29:53 UTC [node-n1: mgwd: km.keyserver.notavailable:alert]: The external key management server "10.1.2.3:5696" is not available for Vserver "vserv001", status: "unknown".
 
Output of 'security key-manager external show-status' indicates kmip server is not accessible by node-n2:
cluster::> security key-manager external show-status

 

Node      Vserver      Key Server                                                             Status
-------   ----------   ---------------------------------------------------------------        ---------
node-n1
           vserv001
                     10.1.2.3:5696                                                         available
                        10.1.2.4:5659                                                         available


node-n2
           vserv001
                       10.1.2.3:5696                                                         unknown
                       10.1.2.4:5659                                                         unknown

node-n3
           vserv001
                       10.1.2.3:5696                                                         available
                       10.1.2.4:5659                                                         available
node-n4
           vserv001
                      10.1.2.3:5696                                                         available
                      10.1.2.4:5659                                                         available

 

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

Scan to view the article on your device