Skip to main content
NetApp Knowledge Base

Unable to create volume receiving an encryption error

Views:
18
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
core
Last Updated:

Applies to

  • ONTAP 9
  • External Key Manager (EKM)
  • HyTrust External Key Server v5.5.1

Issue

  • Error when attempting to create an encrypted volume using NetApp Volume Encryption (NVE) and HyTrust key server:
::> volume create -vserver vserver1 -volume vol1 -aggregate aggr1 -size 300g -policy policy1 -encrypt true
Error: [Job 5347] Job failed: Failed to create the volume on node "node-01". Reason: Failed to store NVE key with key ID "00000000000000000200000000000500bd49b0b28b08190885da887a9a2f87040000000000000000" on external key server "10.20.XX.XX:5696". Cryptsoft error: "Response status: OPERATION_FAILED. Reason: GENERAL_FAILURE. Message: DB_GENERAL"
  • Key servers are available
cluster01::*> security key-manager external show-status
Node  Vserver  Primary Key Server                                 Status
----  -------  -------------------------------------------------  ------------
node1-01
      vserver1
               10.20.XX.XX:5696                  available
node1-02
      vserver1
               10.20.XX.XX:5696                  available
2 entries were displayed.
  • In MGWD log and KMIP2_client log, we see: 
MGWD

8003e8000000f1c1: ERR: Table::volume_create: create_imp: 3539: inside pushing state: [Job 5347] Job failed: Failed to create the volume on node "node-01". Reason: Failed to store NVE key with key ID "000000000000000002000000000005004e223eb5005bbbb96fa4b28c84fbb6820000000000000000" on external key server "10.20.XX.XX:5696". Cryptsoft error: "Response status: OPERATION_FAILED. Reason: ITEM_NOT_FOUND. Message: NOT_FOUND".

KMIP2_client

[kern_kmip2_client:info:8732] [Aug 20 06:23:43]: 0x80a005a00: 0: ERR: kmip2::tables::kmip_keytable_v2: [registerNveKey]:678: Error registering VEK. Exception: KmipBatchRegisterActivateException: Response status: OPERATION_FAILED. Reason: ITEM_NOT_FOUND. Message: NOT_FOUND.

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.