跳转到主内容

对更换配置了 TPM 芯片和 OKM 的主板进行故障排除

Views:
97
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
core
Last Updated:

问题描述

  1. 更换配备TPM芯片、 已安装TPM许可证并使用加密数据(非根)卷的FAS或AFF主板时、如果覆盖交还否决、NVE卷将脱机。您将看到 gB.sf.vet.kmgr.keysmissing 事件:

::>event log show  -message-name gb.sfo.veto.kmgr.keysmissing
<date><time> <node-name> ERROR gb.sfo.veto.kmgr.keysmissing: Giveback of aggregate <aggr-name> failed due to unavailability of volume encryption keys for the encrypted volumes of the aggregate on the partner node <node-name>.

  1. 更换配备TPM芯片、 安装了TPM许可证并使用加密根卷的FAS或AFF主板时,系统在配置TPM并对根卷进行加密的情况下不会启动(错误ID 148077)。  启动时、您将看到以下错误:

Jun 08 12:05:30 [node1:crypto.okmrecovery.failed:ALERT]: ERROR: Import of the onboard key hierarchy failed: failed to import key hierarchy. Additional information: error: ssal unseal failed.

  • 错误ID 1416279 已 作为 自动执行此过程的请求打开。

 

 


 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.