Skip to main content
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.
NetApp Knowledge Base

External Key Management servers that are clones will not report when querying keys

Views:
84
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
core
Last Updated:

Applies to

  • ONTAP 9.7P4
  • External Key manager

Issue

When performing a "key-manager query" the clone KMIP servers will not report. 

In the below example, KMIP Server x.x.x.2 is configured as the master and the remaining two KMIP servers are configured as clones. When a query is performed, only x.x.x.2 reports whereas all should be reporting:

Cluster::*> key-manager show -status
  (security key-manager show)

Node                    Port    Registered Key Manager       Status
----------------------  ------  ---------------------------  ---------------
Cluster-01           6001    x.x.x.1                 available
Cluster-01           6001    x.x.x.2                 available    <----- Master
Cluster-01           6001    x.x.x.3                 available

Cluster::*> key-manager query 
  (security key-manager query)

          Node: Cluster-n01
   Key Manager: x.x.x.2
Server Status: available

Key Tag                               Key Type  Restored
------------------------------------  --------  --------
Cluster                             NSE-AK    yes
    Key ID: 00000000000000000200000000000XXXXXXXXXXXXXXXXXXXXXXX0000000000000000

If any listed keys have "no" in the "Restored" column, run "security key-manager restore" to restore those keys.

 

 

Scan to view the article on your device
CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support