crypto.export.failed エラーが検出されました
環境
- ONTAP 9.10.1P15
- マザーボード交換
- ONTAP のアップグレード
- Onboard Key Manager(OKM)
問題
crypto.export.failedエラーが検出されました。
[node01: svc_queue_thread: crypto.export.failed:alert]: ERROR: Export of key with key ID 00000000000000000000000000000000000000000000000000000000000000000000000000000000 failed. Additional information: error creating a base hierarchy blob.
security key-manager key show -detailパートナー ノードでNSE-AKとSVM-KEKがリストアされていないと表示します。
::> security key-manager key show -detail
Node: node1
Key Store: onboard
Key ID Key Tag Used By Stored In Restored
------ --------------- ---------- ------------------------------------ --------
00000000000000000
node1 NSE-AK local-cluster yes
00000000000000000
c5 VEK local-cluster yes
00000000000000000
f1 VEK local-cluster yes
00000000000000000
SVM2 SVM-KEK local-cluster yes
00000000000000000
SVM1 SVM-KEK local-cluster yes
Node: node2
Key Store: onboard
Key ID Key Tag Used By Stored In Restored
------ --------------- ---------- ------------------------------------ --------
00000000000000000
node2 NSE-AK local-cluster no
00000000000000000
svm2 SVM-KEK local-cluster no
00000000000000000
avm1 SVM-KEK local-cluster no
Error: One or more nodes have the Onboard Key Manager keys that need to be restored. Run the "security
key-manager onboard sync" command to restore the onboard key hierarchy on those nodes.