How to setup Tape Encryption for product CA-1 only and prohibit other components from checking the license keys
Article ID: 218285
Updated On:
Products
Issue/Introduction
We are running Tape Encryption on a system with product CA-1 active, and only need the ED key (for the Tape Encryption for CA-1 option) and possibly the 0L for Key Manager. We should NOT be running with EB, EC, EE or EF keys when we have product CA-1 active. How can we configure the product so there is no check for the other keys?
Environment
Release : 14.5
Component : Tape Encryption
Cause
The CAS9 proc is not configured with the proper keys for the functions which are needed to be active.
Resolution
The Tape Encryption LMP key 'EA' will always be needed for any use of the Tape Encryption product, whether for encryption or decryption. This single LMP key will provide decryption only (and is considered 'base Tape Encryption' in terms of function. This key can also be referred to as the 'Reader' key). Any product which is needing to perform encryption will need to activate an additional associated Tape Encryption LMP key for that product (such as 'ED' for CA-1). If there is a need to use product Tape Encryption to decrypt tapes on other systems which are not licensed to encrypt tapes, then only the single LMP key 'EA' is needed. The full list of LMP Keys can be found at:
Note: Support for all variants of the Tape Encryption EKM product have been dropped long ago, as this product has already reached End-Of-Life (EOL) in 2013.
Feedback
