000024501 - Using cache file from another RKM Client installation

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000024501
Applies ToRSA Key Manager Client 1.5.x
IssueUsing cache file from another RKM Client installation
Can't retrieve key from cache file that was copied from another RKM Client installation

Debug output shows "KEK has changed. Reseting the cache ":

...

kms.sslConnectTimeout = 10
KEK has changed. Reseting the cache
KMClient: Retrieving key for Key Class 'CreditCardNumber'
Attempting to retrieve key from cache
Attempting to retrieve from memory cache
Attempting to retrieve from disk cache
Failed to retrieve CreditCardNumber from cache
Failed to retrieve key. Pausing 2 seconds
Failed to retrieve key. Pausing 2 seconds
Failed to retrieve key after 3 retries

ResolutionThis indicates that the cache was encrypted with a different key than the one that you are using now.  In order to use the cache file from another RKM Client installation, you must use the same PKCS #12 file (kms.sslPKCS12File) and the correct password (kms.sslPKCS12Password).
Legacy Article IDa38773

Attachments

    Outcomes