Skip to main content
NetApp Knowledgebase

Why does OnCommand Insight / OnCommand Data Warehouse display Banner: "Security Risk: Default Encryption Keys Detected"?

Views:
98
Visibility:
Public
Votes:
0
Category:
oncommand-insight
Specialty:
oci
Last Updated:

 

Applies to

OnCommand Insight (OCI) 7.3.x

OnCommand Insight Data Warehouse (DWH) 7.3.x

Answer

Data WareHouse Banner Message:

clipboard_efc2e9a9c6a7e8c15537bdfd473570b1c.png

 

The following statement is documented within the OnCommand Insight 7.3.5 Release Notes Page 17

Warning if using default security key pairs
Insight detects if your configuration is using default encryption keys, and displays warning messages on the Server health page and the Data Warehouse health monitor, recommending that you change the encryption keys. The message is also displayed at the completion of an upgrade or installation. After the keys have been changed, the warning messages will no longer be displayed.

Per the DWH documentation for Managing DWH Security, you will need to use the Windows CLI with Run as Administrator to change encryption keys.

 

Steps to update Encryption keys in Data Warehouse (DWH):

  1. Log directly onto, or Remote Desktop (RDP) into DWH host operating system.
  2. Open the CLI with Run as Admin, and initiate the securityadmin tool as outlined in Documentation for your version of OnCommand Insight.
    • NOTE: Run the file with the -i option to leverage the interactive wizard.
  3. Select option 6 to check if the current encryption key is the default key or not.
  4. Select option 3 to re-create the encryption key.
  5. Select option 6 to verify current encryption key is not the default key.
  6. Restart the SANscreen Server service.
  7. Clear the browser cache and cookies from any browsers that were previously used to access DWH.
  8. Log into DWH and verify the red banner is gone.

Note: Avoid using any full URLs within the browser history from any previous WebUI sessions. If URLs from the browser history are used, the error Server Not Found is expected.