Error Pulling Large Key Bundles for Dell Encryption

Résumé: This article describes how to adjust settings to pull large key bundles for Dell Encryption Enterprise (formerly Dell Data Protection | Enterprise Edition) using the Dell Encryption Admin Utilities. ...

Cet article concerne Cet article ne concerne pas Cet article n’est associé à aucun produit spécifique. Toutes les versions du produit ne sont pas identifiées dans cet article.
Consulter d’autres ressources

Symptômes

Affected Products:

  • Dell Encryption
  • Dell Data Protection | Encryption

Cause

Not Applicable

Résolution

Under certain conditions, a large amount of key material can be associated to an individual endpoint. The Dell Encryption Admin Utilities (CMGAD and CMGAU) have a default 5-minute time limit to retrieve a key bundle before presenting a timeout on the transaction. This results in Error parsing key data from the server response.

Download failed
Figure 1: (English Only) Download failed

To increase the timeout value:

Warning: The next step is a Windows Registry edit:
  1. Secure a copy of Dell Encryption Admin Utilities with version 8.13 or later. To download the latest copy, go to https://www.dell.com/support/home/product-support/product/dell-data-protection-encryption/drivers.
  2. Open the Windows Registry Editor on the endpoint that is downloading the key material by typing regedit into a Run window and selecting OK.

Run regedit
Figure 2: (English Only) Run regedit

  1. Go to Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\CMGShield
  2. Create a DWORD called HTTPTimeout.
  3. Right-click HTTPTimeout and select Modify.
  4. Set the Value Data to 600 in decimal. This value is in seconds and increases the client-side timeout to 10 minutes.

Update Value Data in Decimals
Figure 3: (English Only) Update Value Data in Decimals

  1. On the Dell Encryption Management Server, open the spring-jetty.xml file in the Security Server\conf directory with a text editor.
  2. Go to each of the two idleTimeout variables and set their value to 600000. This value is in milliseconds. By default, it is set to 60000.

First idleTimeout variable
Figure 4: (English Only) First idleTimeout variable

Second idleTimeout variable
Figure 5: (English Only) Second idleTimeout variable

  1. On the Dell Encryption Management Server, open the webdefault.xml file in the Security Server\conf directory with a text editor.
  2. Go to the maxRequestMs variable and set the value to 600000. This value is in milliseconds. By default, it is set to 60000.
  3. Go to the maxIdleTrackMs variable and set the value to 600000. This value is in milliseconds. By default, it is set to 60000.

Update maxRequestMs and maxIdleTrackMs
Figure 6: (English Only) Update maxRequestMs and maxIdleTrackMs

  1. Restart the Security Server Service. For more information about restarting services, reference How to Stop and Start Services in Dell Security Management Server.
  2. Download the key material using the Dell Encryption Admin Utilities.

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

Produits concernés

Dell Encryption
Propriétés de l’article
Numéro d’article: 000124744
Type d’article: Solution
Dernière modification: 08 May 2024
Version:  8
Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell
Services de support
Vérifiez si votre appareil est couvert par les services de support.