Key management certificate nearing expiration

CAUTION:
Possible loss of data accessibility

If the affected certificate is not replaced before the certificate expires, the storage array will no longer be able to obtain security keys from the key management server to unlock secured drives. This may lead to one or more drives becoming locked and their data becoming inaccessible.

Recovery Steps

  1. Is the affected certificate shown in the Details area a client certificate or server certificate?

    • If it is a client certificate, go to step 2.

    • If it is a server certificate, go to step 5.

  2. Complete and download a client certificate signing request (CSR).

    1. Go to Settings > Certificates. Then select the Key Management tab.

    2. Select Complete CSR to complete and download a client certificate signing request.

  3. Create and download a client certificate from the key management server using the downloaded csr file.

  4. Ensure the client certificate is available on your local host, and then go to step 6.

  5. Obtain a new server certificate for the key management server and ensure that it is available on your local host.

  6. Update the affected certificate by importing the new certificate.

    1. Go to Settings > Certificates. Then select the Key Management tab.

    2. Select Import to upload the new certificate.

  7. Perform a communication test between the storage array and key management server.

    1. Go to Settings > System.

    2. Select the Test Communication link in the Security Key Management section and test the connection between the storage array and the key management server.

    Did the communication test detect any problems?

    • If yes, fix the detected problem and then repeat step 7.

    • If no, go to step 8.

  8. Select Recheck to ensure the problem has been resolved.