跳转到主内容
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.

使用板载密钥管理( OKM )时:执行密钥查询时,某些节点的 VEKS 未列出

Views:
16
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
core
Last Updated:

适用场景

  • ONTAP 9.6
  • 板载密钥管理器( OKM )

问题描述

执行 "security key-manager key query"

Cluster::*> key-manager key query
  (security key-manager key query)

   Vserver: Cluster
 Key Manager: onboard
     Node: Cluster-01
  Key Server: ""

Key Tag                 Key Type  Restored
------------------------------------  --------  --------
Cluster-01               NSE-AK   true
   Key ID: 000000000000000002000000000001003260fcee69xxxx88155e8f9511a75680000000000000000
Cluster-01                NSE-AK   true
   Key ID: 00000000000000000200000000000100354a30c9xxxx1b4ea18d772a94dc398d0000000000000000
Cluster-01               SVM-KEK   true
   Key ID: 00000000000000000200000000000a002c38fab416e3d9xxx8c0876576160ff0000000000000000
Cluster-01               SVM-KEK   true
   Key ID: 00000000000000000200000000000a008a2aafe553axxxxc2f1d1429014c35c70000000000000000

   Vserver: Cluster
 Key Manager: onboard
     Node: Cluster-02
  Key Server: ""

Key Tag                 Key Type  Restored
------------------------------------  --------  --------
Cluster-02                NSE-AK   true
   Key ID: 000000000000000002000000000001003260fcee69xxxxd88155e8f9511a75680000000000000000
Cluster-02                NSE-AK   true
   Key ID: 00000000000000000200000000000100354a30c9xxxx1b4ea18d772a94dc398d0000000000000000
SVM1                  VEK     true
   Key ID: 00000000000000000200000000000500950bdf38a251b7xxxxac5acae751d5aa0000000000000000
SVM1                  VEK     true
   Key ID: 00000000000000000200000000000500a3896a2b6ab5xxxx6387c9b52c31005c0000000000000000
Cluster-02               SVM-KEK   true
   Key ID: 00000000000000000200000000000a002c38fab416e3d9xxxx8c0876576160ff0000000000000000
Cluster-02                SVM-KEK   true
   Key ID: 00000000000000000200000000000a008a2aafe553axxxxc2f1d1429014c35c70000000000000000
10 entries were displayed.

If any listed keys have "false" in the "Restored" column, run the "security key-manager external restore" command to restore the keys that are stored on an external key server and run the "security key-manager onboard sync" command to synchronize the keys that are part of the onboard key hierarchy.
 

请注意,节点下未列出以下密钥: cluster-01 :

SVM1                  VEK     true
   Key ID: 00000000000000000200000000000500950bdf38a251b7xxxxac5acae751d5aa0000000000000000
SVM1                  VEK     true
   Key ID: 00000000000000000200000000000500a3896a2b6ab5xxxx6387c9b52c31005c0000000000000000

 

 

 

Scan to view the article on your device
CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support