Applies to ONTAP 9.8 or later MetroCluster Onboard Key Management (OKM) Issue After a motherboard replacement, upgrade, or reboot the following was observed: km.mcc.okmkey.mismatch: This cluster is pa...Applies to ONTAP 9.8 or later MetroCluster Onboard Key Management (OKM) Issue After a motherboard replacement, upgrade, or reboot the following was observed: km.mcc.okmkey.mismatch: This cluster is part of a MetroCluster configuration. The list of OKM hierarchy keys on one or both of the clusters is potentially corrupted.
When attempting to re-key the password encryption for OCI or RAU data sources, the RAU re-key procedure fails with error: Re-Key failed. This issue occurs on systems that have had data sources migrat...When attempting to re-key the password encryption for OCI or RAU data sources, the RAU re-key procedure fails with error: Re-Key failed. This issue occurs on systems that have had data sources migrated from one RAU or OCI server to another RAU or OCI server.
OnCommand Data Warehouse ETL fails and user is unable to access the ‘Connectors’ window due to DWH password encryption file mismatch. This issue is caused due to a conflict between the ‘Password encry...OnCommand Data Warehouse ETL fails and user is unable to access the ‘Connectors’ window due to DWH password encryption file mismatch. This issue is caused due to a conflict between the ‘Password encryption keys’ that are in the DWH server and what is currently being used by one or more of the OCI connectors.
Applies to FabricPool Encryption When trying encrypt a non-encrypted fabricpool volume or trying to rekey a fabricpool volume that has tiered data, following error was received: ERROR enc.operation.ab...Applies to FabricPool Encryption When trying encrypt a non-encrypted fabricpool volume or trying to rekey a fabricpool volume that has tiered data, following error was received: ERROR enc.operation.aborted: Conversion to encryption scan is aborted in the volume 'data_vol' (aggr 'fp_aggr1'). Reason: Insufficent storage space. sj-clus-01::> vol encryption conversion show Vserver Volume Start Time Status data_vol - Aborted. Insufficent storage space. Ensure that there is enough space in the volume.
This article describes the procedure to upgrade a NSE system using an external key management (KMIP) server to ONTAP 9.3 or later. “Important: If you are upgrading to ONTAP 9.3 from a previous version...This article describes the procedure to upgrade a NSE system using an external key management (KMIP) server to ONTAP 9.3 or later. “Important: If you are upgrading to ONTAP 9.3 from a previous version, you must delete any existing KMIP server connections using the security key-manager delete-kmip-config command before upgrading, then reconfigure the KMIP server connections using the security key-manager setup command after the upgrade is completed.”
Applies to External Key Manager (EKM) Description Upgrade of each EKM varies based on platform, vendor and model. Please contact your EKM vendor for specific upgrade instructions.
Applies to NetApp Volume Encryption (NVE) ONTAP 9.3 and later Issue On busy systems, the command volume encryption conversion might return the following error: Error: command failed: Failed to start c...Applies to NetApp Volume Encryption (NVE) ONTAP 9.3 and later Issue On busy systems, the command volume encryption conversion might return the following error: Error: command failed: Failed to start conversion on volume "vol1" in Vserver "svm1". Reason: Node "node-01" failed to allocate encryption resources. Please retry later or reboot the node
Applies to ONTAP 9.1 and later Onboard Key Manager (OKM) NetApp Volume Encryption (NVE) Issue When configuring Onboard Key Management (OKM) the following error is observed: ::> security key-manager on...Applies to ONTAP 9.1 and later Onboard Key Manager (OKM) NetApp Volume Encryption (NVE) Issue When configuring Onboard Key Management (OKM) the following error is observed: ::> security key-manager onboard enable Enter the cluster-wide passphrase for onboard key management: Re-enter the cluster-wide passphrase: Error: command failed: This platform does not support data at rest
Applies to External Key Management (EKM) When creating an encryption key, with External Key Management configured, the following error is observed: Error: command failed: Unable to push authentication...Applies to External Key Management (EKM) When creating an encryption key, with External Key Management configured, the following error is observed: Error: command failed: Unable to push authentication key to any registered key servers. Error: Failed to store authentication key with key ID "00000000000000000200000000000100ee9f0XXXXXXXXXXXXXX37a16d957937b0000000000000000" on external keyserver "x.x.x.x:5696". Cryptsoft error: "Response status: OPERATION_FAILED.
Normal ProvisioningFailed 3s (x2 over 11s) csi.trident.netapp.io encountered error(s) in creating the volume: [Failed to create volume pvc-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx on storage pool aggr1 fr...Normal ProvisioningFailed 3s (x2 over 11s) csi.trident.netapp.io encountered error(s) in creating the volume: [Failed to create volume pvc-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx on storage pool aggr1 from backend nas-backend: backend cannot satisfy create request for volume trident_pvc_yyyyyyyy_yyyy_yyyy_yyyy_yyyyyyyyyyyy: (ONTAP-NAS pool aggr1/aggr1; error creating volume trident_pvc_yyyyyyyy_yyyy_yyyy_yyyy_yyyyyyyyyyyy: API status: failed, Reason: Key manager is not configured on the cluster.
