Info
HPE StoreEver ESL G3 firmware 751H or earlier requires Transport Layer Security (TLS) 1.0 to be enabled to enroll or re-enroll with Enterprise Secure Key Manager (ESKM) server when using the Key Management System (KMS) protocol. Later ESKM firmware updates disable TLS v1.0 by default.
ESKM enrollment fails in the last check connectivity step of the ESL G3 wizard when you click
finish
.
Click
ok
to close out the error.
If the TLS 1.0 change is made as described in the Resolution, then clicking
Finish
can be done again without leaving the ESKM wizard.
If the ESKM wizard is cancelled, the wizard must be restarted from the beginning.
Scope
ESL G3 with MCB version 1 with all firmware versions, and ESL G3 with MCB version 2 firmware 751H and earlier are affected by this issue, only during enrollment or re-enrollment with ESKM using KMS when TLS 1.0 is disabled.
Note: This issue does not affect libraries using Key Management Interoperability Protocol (KMIP).
Resolution
If the HPE StoreEver ESL G3 firmware is 751H or earlier, do the following:
Navigate to
Security
>
SSL options
>
KMS SSL Options
to enable the TLS 1.0 version in the KMS SSL options.
Click
Edit
to enable the TLS 1.0 box.
See the following KMS SSL options.
Navigate to
Device
>
Services
to restart the KMS service.
Select the
KMS Server
radial button, and click
Restart
.
RECEIVE PROACTIVE UPDATES
: Receive support alerts (such as Customer Advisories), as well as updates on drivers, software, firmware, and customer replaceable components, proactively in your e-mail through HPE Subscriber's Choice. Sign up for Subscriber's Choice at the following URL:
Proactive Updates Subscription Form.
