Why does OnCommand Insight / OnCommand Data Warehouse display banner: 'Security risk: default encryption keys detected'?
Applies to
- OnCommand Insight 7.3.x ( OCI )
- OnCommand Insight Data Warehouse 7.3.x ( OCI DWH )
Answer
Data WareHouse Banner Message:
The following statement is documented within the OnCommand Insight 7.3.5 Release Notes Page 17
Warning if using default security key pairs: |
Per the DWH documentation for Managing DWH Security, you will need to use the Windows CLI with Run as Administrator to change encryption keys.
Perform the following steps to update Encryption keys in Data Warehouse (DWH):
- Login directly to or Remote Desktop (RDP) into DWH host operating system.
- Open the CLI with Run as Admin, and initiate the securityadmin tool as outlined in Documentation for your version of OnCommand Insight.
- Note: Run the file with the -i option to leverage the interactive wizard.
- Select option 6 to check if the current encryption key is the default key or not.
- Select option 3 to re-create the encryption key.
- Select option 6 to verify current encryption key is not the default key.
- Restart the SANscreen Server service.
- Clear the browser cache and cookies from any browsers that were previously used to access DWH.
- Login to DWH and verify the red banner is gone.
Note: Avoid using any full URLs within the browser history from any previous WebUI sessions. If URLs from the browser history are used, the error Server Not Found
is expected.
Additional Information
- OnCommand Data Warehouse ETL fails and user is unable to access the ‘Connectors’ window due to DWH password encryption file mis-match
- OnCommand Insight Data Warehouse Server shows "Rekey Failed!" error message when trying to Change Encryption Keys
- Unable to re-key OnCommand Insight (OCI) Remote Acquisition Unit password encryption due to mis-matched encryption keys