嘗試啟用使用外部金鑰管理程式加密,DD OS 7.1 (KeySecure)

Summary: 使用 KeySecure 組態的加密金鑰管理未完成,並出現「無法同步金鑰」等錯誤。

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

KeySecure 伺服器記錄不會顯示 Data Domain 嘗試通訊。防火牆連接埠已打開。顯示錯誤:

Error message : Failed to synchronize keys, error code = 5308

Data Domain 檔案系統 (FS) ddfs資訊記錄會顯示以下內容:

9/21 18:40:22.025 (tid 0x7f032e42cd50): INFO: dd_km_plugin_finalize_intern_keysecure: KeySecure is not configured, will not finalize
09/21 18:40:30.019 (tid 0x7f032e42cd50): ERROR: dd_km_plugin_init_intern_keysecure: KeySecure plugin initialization failure. Error : -75
09/21 18:40:38.010 (tid 0x7f032e42cd50): ERROR: dd_km_plugin_get_active_key_by_class_keysecure: Failed to synchronize keys. Status: -75
09/21 18:40:38.010 (tid 0x7f032e42cd50): NOTICE: [cp_keys_enable_ext_key_mgr] Error [Failed to synchronize keys] in retrieving the active key
09/21 18:40:48.000 (tid 0x7f032e42cd50): ERROR: KeySecure is not configured correctly. Response status : -75
09/21 18:40:48.000 (tid 0x7f032e42cd50): ERROR: [dd_keysecure_plugin_get_dd_err] KMIP returned error[-75]
09/21 18:40:56.181 (tid 0x7f032e42cd50): ERROR: KeySecure is not configured correctly. Response status : -75
09/21 18:40:56.181 (tid 0x7f032e42cd50): ERROR: [dd_keysecure_plugin_get_dd_err] KMIP returned error[-75]

Cause

使用外部認證機構時,請將憑證鏈結中的所有憑證匯入 Data Domain。中繼認證機構 (CA) 的憑證必須匯入 DD,作為 KeySecure 信任。

Resolution

請參閱 DD OS 和 Gemalto 的 SafeNet KeySecure 整合指南,以確認已遵循所有步驟。(需要以註冊使用者身分登入 Dell 支援才能檢視本文件。)如果問題仍然存在,請獲取有關從本地網路安全團隊導入 KeySecure SSL 證書的中間 CA 的說明。

Affected Products

Data Domain
Article Properties
Article Number: 000183757
Article Type: Solution
Last Modified: 28 Mar 2025
Version:  5
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.