Unsolved
1 Rookie
•
18 Posts
0
429
July 17th, 2023 15:00
SEKM failing to communicate with KMS with unhelpful error messages
Seeking some guidance and assistance regarding an issue I'm facing while trying to set up SEKM on my PowerEdge server. My goal is to see and understand how SEKM works, so I don’t have any commercial KMS server and am instead using PyKMIP. I’ve configured PyKMIP with the necessary self-signed cert and private key, signed the CSR with the CA, and uploaded it to the iDRAC, but when I attempt to test the connection it tells me that I haven’t uploaded the necessary keys:
SEKM003: Unable to connect to any Key Management Server because the SEKM certificates are not uploaded to the iDRAC.
Make sure that the required SEKM certificates are uploaded to the iDRAC. For information about the required SEKM certificates, see the iDRAC User's Guide available on the support site.
I uploaded both the CA and the signed CSR, is there something else that I need?
I double checked using racadm that there is a SEKM cert:racadm>> racadm get idrac.sekmcert
[Key=idrac.Embedded.1#SEKMCert.1]
#CertificateStatus=NOT_PENDING
CommonName=iDRAC
CountryCode=US
EmailAddress=
LocalityName=*******
OrganizationName=******
OrganizationUnit=*******
StateName=********
SubjectAltName=
UserId=
DELL-Joey C
Moderator
•
3.9K Posts
0
July 17th, 2023 21:00
Hi @delimiter,
It would be the compatibility of the private key. What is your iDRAC version and firmware version? Are they up to date? Here are the support KMS for SEKM: https://dell.to/3Q3sHwQ
I also found this document: https://dell.to/3OgJqeI on enabling the SEKM feature on PowerEdge servers.