Skip to main content
NetApp Knowledge Base

Why does OnCommand Insight / OnCommand Data Warehouse display banner: 'Security risk: default encryption keys detected'?

Views:
534
Visibility:
Public
Votes:
1
Category:
oncommand-insight
Specialty:
oci
Last Updated:

 

Applies to

  • OnCommand Insight 7.3.x ( OCI )
  • OnCommand Insight Data Warehouse 7.3.x  ( OCI DWH )

Answer

Data WareHouse Banner Message:

clipboard_efc2e9a9c6a7e8c15537bdfd473570b1c.png

The following statement is documented within the OnCommand Insight 7.3.5 Release Notes Page 17

Warning if using default security key pairs:
Insight detects if your configuration is using default encryption keys, and displays warning messages on the Server health page and the Data Warehouse health monitor, recommending that you change the encryption keys. The message is also displayed at the completion of an upgrade or installation. After the keys have been changed, the warning messages will no longer be displayed.

Per the DWH documentation for Managing DWH Security, you will need to use the Windows CLI with Run as Administrator to change encryption keys.

Perform the following steps to update Encryption keys in Data Warehouse (DWH):

  1. Login directly to or Remote Desktop (RDP) into DWH host operating system.
  2. Open the CLI with Run as Admin, and initiate the securityadmin tool as outlined in Documentation for your version of OnCommand Insight.
    • Note: Run the file with the -i option to leverage the interactive wizard.
  3. Select option 6 to check if the current encryption key is the default key or not.
  4. Select option 3 to re-create the encryption key.
  5. Select option 6 to verify current encryption key is not the default key.
  6. Restart the SANscreen Server service.
  7. Clear the browser cache and cookies from any browsers that were previously used to access DWH.
  8. Login to DWH and verify the red banner is gone.

Note: Avoid using any full URLs within the browser history from any previous WebUI sessions. If URLs from the browser history are used, the error Server Not Found is expected.

 

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.