Having two keys on Symantec Encryption Management Server is not supported for PGP Support Package for Blackberry

book

Article ID: 158592

calendar_today

Updated On:

Products

Encryption Management Server

Issue/Introduction

User having two keys on Symantec Encryption Management Server (SEMS) receive an error message during policy update.

"PGP Key is not Valid" or "PGP Key is expired"

Cause

PGP Support for Blackberry and Blackberry Enterprise Server (BES) don't have any ability to choose the primary key on the server.  Therefore users will get sometimes the second key during policy update.  Having two keys on SEMS is not supported, because only the primary key should be used for signing and encrypting email.
 

Resolution

Symantec will not provide any solution on this issue.  Symantec provides following Workaround:

Please delete the second key from the server. If the user has Symantec Encryption Desktop (SED), the key can be imported to SED for en-/decrypting emails.

Please make sure that you have a backup of the deleted key, just in case the users has problems with their machine.


Applies To

Symantec Encryption Management Server

PGP Support Package for Blackberry