Sun Microsystems, Inc.  Oracle System Handbook - ISO 7.0 May 2018 Internal/Partner Edition
   Home | Current Systems | Former STK Products | EOL Systems | Components | General Info | Search | Feedback

Asset ID: 1-72-2379929.1
Update Date:2018-04-02
Keywords:
Solution Type  Problem Resolution Sure

Solution  2379929.1 :   Oracle Key Manager (OKM) - Import Key Fails With "Key Already Exists But Is Destroyed Or Not Activated"  

Related Items 
    

  • Sun StorageTek Crypto Key Management System
    •  
Related Categories 
    

  • PLA-Support>Sun Systems>TAPE>Backup Software-Filesystems>SN-TP: Encryption
    •  






In this Document


Symptoms


Changes


Cause


Solution



Created from <SR 3-17162707141>


Applies to:  

Sun StorageTek Crypto Key Management System - Version All Versions to All Versions [Release All Releases]
Information in this document applies to any platform.



Symptoms


A KMA cluster with four node was separated and are now operating independently.


A key assigned to a tape written recently in the cluster before they were separated needed to be imported to the other cluster to retrieve data from the tape.


There was a problem where the customer could not import the key into that cluster because of a relic duplicate Key ID.



So the key is active in one cluster and inactive in the other, but the that tape needs the encryption key is in the wrong cluster.   A straight import across Transfer Partners fails.



Changes


 A four node cluster was separated to become two independent clusters.  


Cause


The status of the encryption had already been replicated to the second cluster, when they were one cluster.   The key status showed to be in-active.
 


Solution


 No key transfer between partners was necessary.



 Once the tape was mounted, the inactive key was retrieved from the second cluster and the tape drive was able to recover the data from the tape.



Attachments

This solution has no attachment


















       

Copyright © 2018 Oracle, Inc.  All rights reserved.

 Feedback