Error Message

V-79-57344-3856 The encryption key required by this set could not be retrieved. The Catalog operation for this set was skipped by the user.

 

Disable FIPS 140-2 compliant software encryption before creating a 128-bit encryption key.

Complete the following steps to disable FIPS 140-2 compliant software encryption:

1. Click the Backup Exec button, select Configuration and Settings, and then click Backup Exec Settings.
2. In the left pane, select Network and Security.
3. Deselect the option Use FIPS 140-2 compliant software encryption.
4. Click OK.
5. Click the Backup Exec button, select Configuration and Settings, and then click Backup Exec Services.
6. Click Restart all services.

   Restart all Backup Exec services when enabling or disabling FIPS 140-2 compliant software encryption.

7. Once the services have restarted, click Close.

After FIPS 140-2 compliant software encryption is enable, recreate the missing encryption key. The new encryption key must have the same encryption type and pass phrase as the original encryption key that was used to back up the data to catalog.

Complete the following steps to recreate the encryption key:

1. Click the Backup Exec button, select Configuration and Settings, and then click Backup Exec Settings.
2. In the left pane, select Network and Security.
3. Click Manage Keys.
4. Click New.
5. In the Key name field, type a name for the new encryption key.
6. In the Encryption type field, select 128-bit AES.
7. In the Pass phrase field, type the pass phrase used for the missing encryption key.
8. In the Confirm pass phrase field, type the pass phrase again to confirm it.
9. In the Encryption key type group box, select the encryption key type to use for the new key.
10. Click OK.

After recreating the encryption key, re-enable FIPS 140-2 compliant software encryption. Make sure to restart all Backup Exec services after re-enabling FIPS-compliance. Run the catalog operation again. Backup Exec uses the 128-bit encryption key that was created to access the backup sets.

 

When attempting to run a catalog operation on backup sets that were created with encryption, the appropriate encryption key must be selected to access the encrypted sets. If the encryption key was deleted or if Backup Exec cannot access it, the key cannot be recreated. However, when attempting to catalog backup sets that were created with 128-bit encryption and FIPS 140-2 compliant software encryption is enabled as a default backup setting, the catalog operation fails. Backup Exec does allow the recreation any missing 128-bit encryption keys. This is a known issue. FIPS 140-2 compliant software encryption requires a 256-bit encryption key. New 128-bit encryption keys cannot be created if FIPS 140-2 compliant software encryption is enabled as a default setting.

UMI: V-79-57344-3856