Skip to main content
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.

NetApp KCS Award

NetApp Knowledge Base

External key-manager status shows unavailable for one node

Views:
298
Visibility:
Public
Votes:
1
Category:
ontap-9
Specialty:
encryption
Last Updated:

Applies to

KMIP server
External Key-manager

Issue

Connection to KMIP server for encryption seems to drop and reconnect in a span of a second, according to EMS logs, for some but not all the nodes in the cluster.
 
Example of what is seen on EMS:

Sat Sep 19 07:29:53 UTC [node-n1: mgwd: km.keyserver.notavailable:alert]: The external key management server "10.1.2.3:5696" is not available for Vserver "vserv001", status: "unknown".
 
Output of 'security key-manager external show-status' indicates kmip server is not accessible by node-n2:
cluster::> security key-manager external show-status

 

Node      Vserver      Key Server                                                             Status
-------   ----------   ---------------------------------------------------------------        ---------
node-n1
           vserv001
                        10.1.2.3:5696                                                         available
                        10.1.2.4:5659                                                         available


node-n2
           vserv001
                       10.1.2.3:5696                                                         unknown
                       10.1.2.4:5659                                                         unknown

node-n3
           vserv001
                       10.1.2.3:5696                                                         available
                       10.1.2.4:5659                                                         available
node-n4
           vserv001
                       10.1.2.3:5696                                                         available
                       10.1.2.4:5659                                                         available

 

 

Scan to view the article on your device
CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support