The Onboard Key Manager operation fails after node's Motherboard or bootdevice replacement
Applies to
- ONTAP 9.6 and later
- NetApp Volume Encryption (NVE)
- Replace Motherboard
- Replace BootDevice
Issue
The Onboard Key Manager operation fails after node's Motherboard or bootdevice replacement:
cluster1::> security key-manager key show
Node: node03
Key Store: onboard
Used By
--------
NSE-AK
Key ID: 000000000000000002000000000001008450244552xxxxxxxxxxxxxxxxxx0000000000000000
NSE-AK
Key ID: 00000000000000000200000000000100e8609d2801xxxxxxxxxxxxxxxxxx0000000000000000
VEK
Key ID: 00000000000000000200000000000500ef174daafxxxxxxxxxxxxxxxxxx80000000000000000
SVM-KEK
Key ID: 00000000000000000200000000000a00943519801xxxxxxxxxxxxxxxxxxx0000000000000000
Node: node04
Key Store: onboard
Used By
--------
NSE-AK
Key ID: 00000000000000000200000000000100845024ssssxxxxxxxxxxxxxxxxxx0000000000000000
Node: node04
Key Store: onboard
Used By
--------
NSE-AK
Key ID: 00000000000000000200000000000100e8609d280xxxxxxxxxxxxxxxxxxd0000000000000000
SVM-KEK
Key ID: 00000000000000000200000000000a00943519801sxxxxxxxxxxxxxxxxxx0000000000000000
7 entries were displayed.
Error: One or more nodes have the Onboard Key Manager keys that need to be
restored. Run the "security key-manager onboard sync" command to restore
the onboard key hierarchy on those nodes.
::> security key-manager onboard show-backup
Error: show failed: The Onboard Key Manager backup operation failed with error:
Unknown. Possible reasons for failure include a missing or corrupted
backup configuration. Use the "security key-manager onboard sync"
command to synchronize the onboard key hierarchy and then retry the
backup command. If the problem persists, contact technical support.