"Failed to create key, Err:QLC_ERR_VALUE_MISSING Password"while encrypting or migrating virtual machine after PSC convergence
search cancel

"Failed to create key, Err:QLC_ERR_VALUE_MISSING Password"while encrypting or migrating virtual machine after PSC convergence

book

Article ID: 338170

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

Symptoms:

  • Unable to migrate the virtual machine failing with error on GUI "A general runtime error occurred. Cannot generate key"
  • Unable to encrypt virtual machines
  • In vpxd.log, you see entries similar to:
2019-03-21T12:24:12.419-05:00 info vpxd[06223] [Originator@6876 sub=vpxLro opID=c16349c6-####-####-####-########585-f4] [VpxLRO] -- FINISH lro-2257960
2019-03-21T12:24:12.421-05:00 info vpxd[05485] [Originator@6876 sub=vpxLro opID=vb-2401:TaskSearchAdapter:10190-99849-ngc:70005638-40] [VpxLRO] -- BEGIN lro-2257961 -- session[521dff48-####-####-####-########bd3]529feea8-####-####-####-########440c -- vim.HistoryCollector.reset -- 521dff48-####-####-####-########bd3(524548a7-####-####-####-########23e)
2019-03-21T12:24:12.421-05:00 info vpxd[05485] [Originator@6876 sub=vpxLro opID=vb-2401:TaskSearchAdapter:10190-99849-ngc:70005638-40] [VpxLRO] -- FINISH lro-2257961
2019-03-21T12:24:12.426-05:00 info vpxd[45181] [Originator@6876 sub=CryptoManager opID=ManageVmStorageProfilesFormMediator-apply-99827-ngc:70005587-32-01] The Vecs string entry 'password-CloudLinkxxx/CloudLinkxxx3' does not exist in VECS
2019-03-21T12:24:12.426-05:00 error vpxd[45181] [Originator@6876 sub=CryptoManagerKmipWrapper opID=ManageVmStorageProfilesFormMediator-apply-99827-ngc:70005587-32-01] Failed to create key, Err:QLC_ERR_VALUE_MISSING Password
-->
2019-03-21T12:24:12.427-05:00 warning vpxd[45181] [Originator@6876 sub=CryptoManager opID=ManageVmStorageProfilesFormMediator-apply-99827-ngc:70005587-32-01] CreateKey on server CloudLinkxxx3 failed: Err:QLC_ERR_VALUE_MISSING Password
-->

Environment

VMware vCenter Server Appliance 6.7.x

Resolution

This issue is resolved in vCenter Server 6.7 Update 2, available at Downloads (broadcom.com).

Workaround:

  1. Take a backup/snapshot of the VC.
  2. Remove the KMS Key Provider:
Go to VC> Configure> Key Management Servers> Select the KMS Cluster which you want to remove.
  1. Add the same KMS server with same IP address and alias.