在更换节点的主板或启动设备后、板载密钥管理器操作失败

最后更新
另存为PDF

Views:

Visibility:: Public

Votes:: 0

Category:: ontap-9

Specialty:: core

Last Updated:

适用场景

ONTAP 9.6及更高版本
NetApp卷加密(NVE)
更换主板
替换BootDevice

问题描述

在更换节点的主板或启动设备后、板载密钥管理器操作失败：

cluster1::> security key-manager key show

Node: node03 Key Store: onboard Used By -------- NSE-AK Key ID: 000000000000000002000000000001008450244552xxxxxxxxxxxxxxxxxx0000000000000000 NSE-AK Key ID: 00000000000000000200000000000100e8609d2801xxxxxxxxxxxxxxxxxx0000000000000000 VEK Key ID: 00000000000000000200000000000500ef174daafxxxxxxxxxxxxxxxxxx80000000000000000 SVM-KEK Key ID: 00000000000000000200000000000a00943519801xxxxxxxxxxxxxxxxxxx0000000000000000

Node: node04 Key Store: onboard Used By -------- NSE-AK Key ID: 00000000000000000200000000000100845024ssssxxxxxxxxxxxxxxxxxx0000000000000000

Node: node04 Key Store: onboard Used By -------- NSE-AK Key ID: 00000000000000000200000000000100e8609d280xxxxxxxxxxxxxxxxxxd0000000000000000 SVM-KEK Key ID: 00000000000000000200000000000a00943519801sxxxxxxxxxxxxxxxxxx0000000000000000 7 entries were displayed.

Error: One or more nodes have the Onboard Key Manager keys that need to be restored. Run the "security key-manager onboard sync" command to restore the onboard key hierarchy on those nodes.

::> security key-manager onboard show-backup

Error: show failed: The Onboard Key Manager backup operation failed with error: Unknown. Possible reasons for failure include a missing or corrupted backup configuration. Use the "security key-manager onboard sync" command to synchronize the onboard key hierarchy and then retry the backup command. If the problem persists, contact technical support.