无法修改加密密钥 disk.encryptCmdFailed

最后更新
另存为PDF

Views:: 3

Visibility:: Public

Votes:: 0

Category:: ontap-9

Specialty:: core

Last Updated:

适用场景

ONTAP 9
NetApp存储加密(NSE)
外部密钥管理器(EKM)
板载密钥管理器 (OKM)

问题描述

两个新系统已在双节点集群中作为 Test-01 和 Test-02 进行了测试。
测试完成后，它们被添加到现有的生产集群中，作为 Production-03、Production-04。
尝试修改磁盘上的加密密钥（板载密钥管理器）时，ONTAP 返回错误：

Production::> storage encryption disk modify -disk 2.* -data-key-id 000000000000000001000000000001001x1x11111x111111x111x11x111111x0000000000000000

24 entries were acted on.

Info: Starting modify on 12 disks on node Production-03.

View the status of the operation by using the "storage encryption disk show-status" command.

Starting modify on 12 disks on node Production-04.

View the status of the operation by using the "storage encryption disk show-status" command.

Production::*> storage encryption disk show-status
      FIPS   Latest   Start         Execution Disks  Disks    Disks
 Node   Support Request  Timestamp      Time (sec)  Begun   Done Successful
 ------- ------- -------- ------------------ ---------- ------ ------ ----------
 Production-01
      false   unknown  -               -    - -      -
 Production-02
      false   unknown  -               -    -    -      -
 Production-03
      false modify   1/1/2025 10:15:12      3    12    12      0
 Production-04
      false   modify   1/1/2025 10:15:12      3  12    12      0
 4 entries were displayed.

EMS.log

disk.encryptCmdFailed: Encrypting disk 0n.20 failed disk encrypt modify command with error status Could not authenticate with disk. (0xe).