跳转到主内容

NetApp wins prestigious Coveo Relevance Pinnacle Award. Learn more!

INSIGHT Japan :2023年 1月25日(水)ANAインターコンチネンタルホテル開催 へ参加・申込を行う

使用板载密钥管理( OKM )时:执行密钥查询时,某些节点的 VEKS 未列出

Views:
17
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
core
Last Updated:

适用场景

  • ONTAP 9.6
  • 板载密钥管理器( OKM )

问题描述

执行 "security key-manager key query"

Cluster::*> key-manager key query
  (security key-manager key query)

   Vserver: Cluster
 Key Manager: onboard
     Node: Cluster-01
  Key Server: ""

Key Tag                 Key Type  Restored
------------------------------------  --------  --------
Cluster-01               NSE-AK   true
   Key ID: 000000000000000002000000000001003260fcee69xxxx88155e8f9511a75680000000000000000
Cluster-01                NSE-AK   true
   Key ID: 00000000000000000200000000000100354a30c9xxxx1b4ea18d772a94dc398d0000000000000000
Cluster-01               SVM-KEK   true
   Key ID: 00000000000000000200000000000a002c38fab416e3d9xxx8c0876576160ff0000000000000000
Cluster-01               SVM-KEK   true
   Key ID: 00000000000000000200000000000a008a2aafe553axxxxc2f1d1429014c35c70000000000000000

   Vserver: Cluster
 Key Manager: onboard
     Node: Cluster-02
  Key Server: ""

Key Tag                 Key Type  Restored
------------------------------------  --------  --------
Cluster-02                NSE-AK   true
   Key ID: 000000000000000002000000000001003260fcee69xxxxd88155e8f9511a75680000000000000000
Cluster-02                NSE-AK   true
   Key ID: 00000000000000000200000000000100354a30c9xxxx1b4ea18d772a94dc398d0000000000000000
SVM1                  VEK     true
   Key ID: 00000000000000000200000000000500950bdf38a251b7xxxxac5acae751d5aa0000000000000000
SVM1                  VEK     true
   Key ID: 00000000000000000200000000000500a3896a2b6ab5xxxx6387c9b52c31005c0000000000000000
Cluster-02               SVM-KEK   true
   Key ID: 00000000000000000200000000000a002c38fab416e3d9xxxx8c0876576160ff0000000000000000
Cluster-02                SVM-KEK   true
   Key ID: 00000000000000000200000000000a008a2aafe553axxxxc2f1d1429014c35c70000000000000000
10 entries were displayed.

If any listed keys have "false" in the "Restored" column, run the "security key-manager external restore" command to restore the keys that are stored on an external key server and run the "security key-manager onboard sync" command to synchronize the keys that are part of the onboard key hierarchy.
 

请注意,节点下未列出以下密钥: cluster-01 :

SVM1                  VEK     true
   Key ID: 00000000000000000200000000000500950bdf38a251b7xxxxac5acae751d5aa0000000000000000
SVM1                  VEK     true
   Key ID: 00000000000000000200000000000500a3896a2b6ab5xxxx6387c9b52c31005c0000000000000000

 

 

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

Scan to view the article on your device