HP Secure Encryption manual Logical drives remain offline, Master key not exporting

Page 65

2.Run a key query with the following search parameters ("Running queries" on page 57):

a.Choose Keys Where drop down menu: select Custom: Server_Name. Two new fields appear.

b.In the second drop down menu, select Equals.

c.In the third field, enter the name of the server to be associated with the Master Encryption Key.

d.Under Custom Attributes, select Master_Key.

Logical drives remain offline

If cryptographic information is missing, logical drives remain offline after system start. General causes include a missing, incorrect, or inaccessible key. Restoring the cryptographic information to match the attached drives results in the appropriate access to the logical drive.

Possible causes

Encryption is not enabled.

The matching Master Encryption Key is missing or incorrect.

The controller password was enabled but is not entered or is incorrect. Possible causes (Remote Mode only)

Network connectivity issues are occurring between HP iLO and the HP ESKM.

HP iLO is not configured properly.

The Drive Keys are missing from the HP ESKM.

The Drive Encryption Keys and HP iLO groups are mismatched.

To view a diagnostic report, see the HP Smart Storage Administrator User Guide.

Master key not exporting

This issue occurs only in Remote Key Management Mode. The problem appears as either a locked controller or as locked volumes.

Possible causes

A network problem prevents key retrieval from the HP ESKM.

Lost or incorrect HP iLO configuration

Missing or incorrectly configured Master Encryption Key Possible Resolutions

Troubleshoot the network connection between HP iLO and the HP ESKM. For more information, see "Testing the connection between HP iLO and the HP ESKM (on page 66)."

Ensure the Master Encryption Key exists. For more information, see "Locate the key using the HP ESKM ("Locating the key using the HP ESKM" on page 62)."

Ensure the Master Encryption Key is in the correct group. If the Master Key is incorrectly assigned, see "Placing a key in a group (on page 25)."

Troubleshooting 65

Page 64 Page 66
Image 65
Page 64 Page 66
Contents HP Secure Encryption Installation and User Guide Page Contents Support and other resources About HP Secure Encryption OverviewBenefits Encryption featuresFeature Description Eskm HP ProLiant servers Solution componentsHP Smart Storage Administrator HP SmartCache HP Smart Array ControllerHP iLO Minimum requirementsHP Eskm and key management HP Enterprise Secure Key Manager 3.1 and laterLicensing Recommended security settings at remote sites Encryption setup guidelinesEncrypted backups PlanningRemote and local key management requirements Security domainsDeployment scenarios Configuring the controller local mode ConfigurationLocal key management mode Configuration Configuring Remote Key Management Mode Remote Key Management ModeAdding a user Configuring the HP EskmLogging in to the HP Eskm Configuration Adding a group Assigning a user to a group Configuration Configuration Creating a Master Key Running a key query Placing a key in a groupConfiguration Assigning a key to a group Configuring HP iLO Connecting HP iLO to HP Eskm Configuration Configuring the controller remote mode Configuration Operations Accessing Encryption ManagerOpening Encryption Manager Logging into Encryption ManagerSet or change the Crypto Officer password Managing passwordsSet or change user account password Set or change the password recovery questionSet or change the controller password Suspending the controller password Resuming the controller password Rekeying the Drive Encryption Keys Working with keysChanging the Master Encryption Key Rescanning keys Creating a plaintext volumeOperations Operations Converting plaintext volumes into encrypted volumes Changing key management modes Enabling/disabling plaintext volumes Enabling/disabling the firmware lock Enabling/disabling local key cache Importing drives with different Master Keys Importing drive sets in Local Key Management ModeOperations Controllers MaintenanceFlashing firmware DrivesReplacing a physical drive Encryption ManagerQuery by drive serial number GroupsLocating groups associated with a drive Maintenance Query by previous server name Maintenance Displaying log information Running queries Maintenance Maintenance Maintenance Common issues TroubleshootingLost or forgotten Crypto Officer password Lost or forgotten controller passwordRemote mode Local modeLocating the key using the HP Eskm Lost or forgotten Master KeyLocating the key using iLO Forgotten which Master key goes with which drive Master key not exporting Logical drives remain offlineTesting the connection between HP iLO and the HP Eskm Potential errors encountered Error Description Action Clearing the encryption configuration HP contact information Support and other resourcesBefore you contact HP Encryption algorithms AppendixGlossary Local Master Encryption Key ILOMaster Encryption Key PlaintextRemote Key Manager Volume encryption keyDocumentation feedback Eskm IndexIndex
Top Page Image Contents