Symantec Encryption Manager Services
search cancel

Symantec Encryption Manager Services


Article ID: 153422


Updated On:


Encryption Management Server PGP Key Management Server File Share Encryption Desktop Email Encryption Drive Encryption Endpoint Encryption Gateway Email Encryption PGP Command Line PGP Key Mgmt Client Access and CLI API PGP SDK


This article details a list of services and common commands used on the Symantec Encryption Manager.

Accessing the Symantec Encryption Manager command line for read-only purposes (such as to view settings, services, logs, processes, disk space, query the database, etc) is supported. However, performing configuration modifications or customizations via the command line may void your Symantec Support agreement unless the following procedures are followed.

Any changes made to the Symantec Encryption Manager via the command line must be:  

  • Authorized in writing by Symantec Technical Support or published as an approved and documented process on the Broadcom Knowledge Base
  • Implemented by a Broadcom Partner, reseller or Broadcom Technical Support.
  • Summarized and documented in a text file in /var/lib/ovid/customization on the Symantec Encryption Manager itself.


Changes made through the command line may not persist through reboots and may be incompatible with future releases. Broadcom Technical Support may also require reverting any custom configurations on the Symantec Encryption Manager back to a default state when troubleshooting new issues. 




pgpsysconf --restart tomcat
Restarts the tomcat service
Assists in troubleshooting web services problems
pgpsysconf --restart httpd
Restarts the httpd service
Assists in troubleshooting web services problems
pgpsysconf --apache
Assists in troubleshooting web services problems and rebuilds config files for Apache
pgpsysconf --restart pgpuniversal
PGP Universal Server services
Assists in troubleshooting issues with cluster on port 444, Client on port 443, or Proxy on port 25 not listening.
df -h
Displays disk status
If database is not running, use to check if disk space is full.
du -sh *
Displays disk status
Lists the disk usage of each file/folder. Assists in troubleshooting what filled up the disk. Most likely: /var/log/ovid, /var/lib/ovid/backups, /var/tmp folders.
psql oviddb ovidr -c "select count(*) from replication_message"
Server replication
Used on PGP Universal Server 2.x to count cluster replication messages (-c to exit) in queue
tail -f /var/log/ovid/cluster-YYYY-MM-DD.log
Checks clustering data
Checks if cluster data is being logged and verifies service is running. Optionally adding "| grep -i error" displays only error messages.
tail -f /var/log/ovid/client-YYYY-MM-DD.log
Checks for client activity
Checks if client activity is occurring and checks TLS certificate.
Network status
Use when messages are queued. Check for DNS issues.
telnet 25
Network status
Check for ports being used and verify connection to next hop.
ethtool eth0
LAN card status
Displays LAN card configuration settings.
TCP/IP configuration
Used to configure and control TCP/IP network settings.
netstat -rn
Network status
Check for network activity and configuration.
pgpsysconf --restart pgpsdkrmi
Licensing Issues
Use command if server appears unlicensed on system tab.
pgpsysconf --restart pgpdatalayer
Restarts datalayer for database access
Allows access from other processes to database. Run pgpsysconf --restart pgpuniversal after restarting pgpdatalayer
pgpsysconf --restart pgptokend
Hardware interface
Run only if you know the ignition key passphrase.
pgpsysconf --restart pgptcpwrapper
Network connections
Manages certain listening connections.
pgpsysconf --restart postfix
Mail processing
Mail delivery component for email from PGP Universal Server.
pgpsysconf --restart syslog-ng
Server logging
Run command if logs are not written, but services are running.
psql oviddb ovidr -c "select * from (select host, count (*) from cluster_member as cm left join replication_destination as rd on (cm.local_id = rd.cluster_id) group by 1 order by 2 desc) as rd where count > 1;"
This command works for PGP Universal Server 2.x and allows you to see the replication message counts on all servers in a cluster.
pgpsysconf –restart pgpgroupd
Restarts Group Membership processing service
Useful after putting it in debug mode or if it’s hung.
Tool used for grouping of Consumers
Used to modify the behavior of grouping on the PGP Universal Server. Running pgpgrouptool by itself will print out a list of commands.
pgpsysconf --restart pgprep
Cluster replication issues
Restarting this will restart the replication service and redo all the work that needs to be done to replicate local changes to the other cluster members.
pgprepctl info
Clustering replication statistics
To view the messages in memory being sent to other nodes and statistics of replication
Cluster information
Using this command will list all the commands available to troubleshooting clustering problems
pgprepctl topo
Cluster replication topology statistics
Used to view the replication topology and make sure that the communication is up between all the cluster members. X’s in here are a sign that a cluster member is not communicating.