Skip to main content

We've Moved!

Product Documentation has moved to docs.hitachivantara.com
Hitachi Vantara Knowledge

Troubleshooting

This article provides troubleshooting information for Encryption License Key.

Encryption events in the audit log

The audit log records events related to Encryption License Key, including data encryption and Encryption License Key processes. You can export an audit log that contains encryption events in near real-time to an external syslog server.

For details about the audit log, see the Hitachi Audit Log User Guide. For instructions on exporting log events, see the System Administrator Guide for your storage system.

Troubleshooting Encryption License Key

For troubleshooting information for Device Manager - Storage Navigator, see the System Administrator Guide for your storage system. For details about HDvM - SN error messages, see Hitachi Device Manager - Storage Navigator Messages.

The following table provides general troubleshooting information for Encryption License Key. If you need technical assistance, contact customer support.

Problem

Action

Cannot use the Encryption License Key feature to back up or restore a key.

Verify the following:

  • The Encryption License Key software license is valid and installed.
  • You have the Security Administrator (View & Modify) role.
  • If you backup and restore data encryption keys with a key management server, the connection to the key management server is available.
  • If you backup and restore data encryption keys with a key management server, the number of keys which you can back up on the key management server is not exceeded.
  • If you backup and restore data encryption keys with a key management server, a time-out has not occurred due to the increase in the number of keys on the key management server.
  • The latest key is restored (the key will not be updated after a secondary backup has been performed).

Cannot create or delete data encryption keys.

Make sure that:

  • The Encryption License Key software license is valid and installed.
  • You have the Security Administrator (View & Modify) role.
  • If you have backed up and restored data encryption keys with a key management server, that the connection to the key management server is available.

Cannot enable encryption for a parity group.

Make sure that:

  • The Encryption License Key software license is valid and installed.
  • All LDEVs in the parity group are in the blocked status.
  • The accelerated compression feature is disabled.

Cannot disable encryption for a parity group.

Make sure that all LDEVs in the parity group are in the blocked status.

Server configuration test failed.

Check the following key management server connection settings:

  • Host name
  • Port number
  • Client certificate file
  • Root certificate file

If the communication failure is due to the length of time to connect to the server, try changing these settings:

  • Timeout
  • Retry interval
  • Number of retries

The Edit Encryption wizard operation failed, but the status of encryption (enable or disable) has changed.

The change of the status succeeds, but the format of the volume fails. Confirm the message, remove the error, and format volumes again.

The storage system failed to get encryption keys backed up on the key management server and all volumes are blocked when the storage system is turned on. The SIM code 661000 or 661001 is returned.

Complete the following tasks:

  • Restore the connection to the key management server.
  • Retry key encryption key acquisition.
  • Contact customer support to restore the EBEDs and blocked drives or blocked volumes.

Editing encryption environmental settings has failed with the error (00002-058578).

If it is the first time you are configuring encryption environmental settings in the Edit Encryption Environmental Settings window and it fails (error message 00002-058578), complete the following tasks:

  1. Wait a few minutes, and then click File Refresh All to reread the configuration information.
  2. Initialize the encryption environmental settings.
  3. Configure the encryption environmental settings again.

If it is not the first time you are configuring encryption environmental settings in the Edit Encryption Environmental Settings window and it fails (error message 00002-058578), complete the following tasks:

  1. Wait a few minutes, and then click File Refresh All to reread the configuration information.
  2. Configure the encryption environmental settings again.

Server configuration test has succeeded, but the following error is displayed:

10126-105022 The connected key management server does not support the required functions.

A required function for the setting of the key management server is not supported with the connected key management server. See System requirements, and update the software of the key management server to the latest version.

The Edit Encryption Wizard operation failed though the Free key (Encryption key with the Free attribute) exists. The error below is displayed.

03005-108104 There are not enough Free keys.

The Edit Encryption Environmental Settings wizard executed prior to the Edit Encryption wizard might have failed because of disk board failure. Confirm in the Task window that the Edit Encryption Environmental Settings wizard failed and if so, move the cause of error. Then retry the Edit Encryption Environmental Settings wizard and the Edit Encryption wizard after initializing the Encryption Environmental Setting.

After a Free key (Encryption key with the Free attribute) was deleted, SIM code 660100 or 660200 was returned.

The number of Free keys (Encryption key with the Free attribute) might be smaller than the threshold for maintenance. Create the maximum number of Free keys.

Contacting customer support

If you need to contact customer support, provide as much information about the problem as possible, including:

  • The circumstances surrounding the error or failure
  • The content of any error messages displayed on the host systems
  • The content of any error messages displayed on Device Manager - Storage Navigator
  • The Device Manager - Storage Navigator configuration information (use the FD Dump Tool)
  • The service information messages (SIMs), including reference codes and severity levels, displayed by Device Manager - Storage Navigator

The customer support center is available 24 hours a day, seven days a week. If you need technical support, log on to customer support for contact information: https://support.hitachivantara.com/en_us/contact-us.html