Error Pulling Large Key Bundles for Dell Encryption

Affected Products:

• Dell Encryption
• Dell Data Protection | Encryption

Not Applicable

Under certain conditions, a large amount of key material can be associated to an individual endpoint. The Dell Encryption Admin Utilities (CMGAD and CMGAU) have a default 5-minute time limit to retrieve a key bundle before presenting a timeout on the transaction. This results in Error parsing key data from the server response.

Figure 1: (English Only) Download failed

To increase the timeout value:

1. Secure a copy of Dell Encryption Admin Utilities with version 8.13 or later. To download the latest copy, go to https://www.dell.com/support/home/product-support/product/dell-data-protection-encryption/drivers.
2. Open the Windows Registry Editor on the endpoint that is downloading the key material by typing regedit into a Run window and selecting OK.

Figure 2: (English Only) Run regedit

3. Go to Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\CMGShield
4. Create a DWORD called HTTPTimeout.
5. Right-click HTTPTimeout and select Modify.
6. Set the Value Data to 600 in decimal. This value is in seconds and increases the client-side timeout to 10 minutes.

Figure 3: (English Only) Update Value Data in Decimals

7. On the Dell Encryption Management Server, open the spring-jetty.xml file in the Security Server\conf directory with a text editor.
8. Go to each of the two idleTimeout variables and set their value to 600000. This value is in milliseconds. By default, it is set to 60000.

Figure 4: (English Only) First idleTimeout variable

Figure 5: (English Only) Second idleTimeout variable

9. On the Dell Encryption Management Server, open the webdefault.xml file in the Security Server\conf directory with a text editor.
10. Go to the maxRequestMs variable and set the value to 600000. This value is in milliseconds. By default, it is set to 60000.
11. Go to the maxIdleTrackMs variable and set the value to 600000. This value is in milliseconds. By default, it is set to 60000.

Figure 6: (English Only) Update maxRequestMs and maxIdleTrackMs

12. Restart the Security Server Service. For more information about restarting services, reference How to Stop and Start Services in Dell Security Management Server.
13. Download the key material using the Dell Encryption Admin Utilities.

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.