Chapter 7 Encryption Key Management
Configuring Encryption Key Management on the Library
Scalar i500 User’s Guide 188
If any of the tests fail, try the following resolutions and run the test again
to make sure it passes:
•
Ping Test Failure — Verify that the key server host is running and
accessible from the network to which the library is connected.
•
Drive Test Failure — Look for any tape drive RAS tickets and follow
the resolution instructions in the ticket.
•
Path Test Failure — Verify that the key server is actually running and
that the IP address, port, and SSL settings configured on the library
are correct. Check to see if there is a network configuration issue,
such as a firewall, preventing communication with the server.
•
Config Test Failure —
•
Q-EKM: Verify that the key server is set up to accept the tape
drive you are testing.
•
SKM: A database inconsistency has been detected. Contact
Quantum Support.
• KMIP Key Manager: Indicates a KMIP key server configuration
problem. The server does not support all features necessary for
the library to use it as a key server. Contact your KMIP server
administrator for assistance.
Differences Between
Manual and Automatic
EKM Path Diagnostics 7
There are two ways to perform EKM Path Diagnostics:
• Using Manual EKM Path Diagnostics
on page 189
• Using Automatic EKM Path Diagnostics
on page 190
For SKM and KMIP key management, the manual and automatic
diagnostics run in the same way. Partitions remain online for either the
Manual or Automatic diagnostics.
For Q-EKM, the Manual diagnostics differs from the Automatic
diagnostics in the following ways:
• The Manual diagnostics takes affected partitions offline during the
tests. When the tests complete, the partitions are returned to the
online/offline state they were in before the tests began.
Note:
For Q-EKM only: This test cannot run if the Drive test fails.
To Next Page
Loading...
Need help?
General