Validating, Updating, or Rotating the Encryption Key - Storage Integration for EMC Centera - Foundation 24.1 - Foundation 24.1 - Ready - OnBase - external

Storage Integration for EMC Centera®

Platform
OnBase
Product
Storage Integration for EMC Centera
Release
Foundation 24.1
License

Distributed Centera services uses a fully encrypted stream to transfer data. The encryption method utilizes an encryption key that may need to be updated or rotated periodically. The encryption key is maintained using the Distributed Services Encryption dialog box.

To access the Distributed Services Encryption dialog box, in the Configuration module select Encryption from the Disk Mgmt | Distributed Services menu. The Distributed Services Encryption dialog box is displayed.

When the Distributed Services Encryption dialog box is displayed it attempts to contact each configured distributed services server to determine it's current encryption status. The result is displayed in the Status column, with one of the following values:

Status

Description

OK

The distributed services server is online, using a valid encryption key, and communication is working.

Offline

Communication with the distributed services server cannot be established.

Disabled

The distributed services server has been disabled in configuration and so no attempt at communication was made.

Key Out of Date

The distributed services server is online but the encryption key must be updated. To update the encryption key, see Update the Encryption Key.

Version Out of Date

The distributed services server is online but is of a lower version than the clients and must be upgraded.

Communication Failure

The distributed services server is online but communication with it failed.

Note:

Communication errors may also be reported as Key Out of Date or Version Out of Date.

Encryption Failure

The distributed services server is online but encrypted communication failed. This happens when a server had the correct key, but somehow lost it. The encryption key can be lost if the server is moved to a new machine, is reinstalled after the host machine is reimaged, or if the encryption key for the distributed services server was reset when the current key was already valid.

To repair the encryption key it must be rotated. See Rotate the Encryption Key.

Unknown

The distributed services server is not configured correctly so communication cannot be established and the status cannot be determined.