KMS - Potential Issue With FIPS Mode Only Enabled On A Mixed KMS 2.2.x And OKM 2.3.x Cluster

(Doc ID 1329216.1)

Last updated on FEBRUARY 14, 2013

Applies to:

Sun StorageTek Crypto Key Management System - Version Not Applicable and later
Information in this document applies to any platform.

Symptoms

This issue can cause drives to be unable to retrieve keys from the cluster.

It can affect all supported encryption tape drives. It does not affect mixed clusters where the "FIPS Mode Only" security parameter is Off.

Example error reported in the OKM/KMS audit log:

Retrieve Protect And Process Key FIPS mode required Error 000209000287

The drive dump or VOP log will report the following error:

AUDIT_CLIENT_AGENT_RETRIEVE_PROTECT_AND_PROCESS_KEY_SOAP_ERROR

Changes

This will only be an issue if the "FIPS Mode Only" feature is enabled on a mixed KMS 2.2.x and OKM 2.3.x cluster.

Cause

	Sign In with your My Oracle Support account
	Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms