NetBackup status code: 8238
Message: The keys that were retrieved from the external KMS server are not usable for decryption.
Explanation: The Symmetric key that was retrieved from the external KMS server is not usable for decryption due to the following:
State of the key is other than the allowed states active, compromised, or deactivated.
Cryptographic Usage Mask of the key is not set for decryption.
Process Start Date of the key is in future.
The time and or date does not match between the NetBackup master server and the external KMS server.
Recommended Action: Perform the following as appropriate:
Set the Cryptographic Usage mask of the key for decryption.
Correct the Process Start date.
Check if the time and or date does not match between the NetBackup master server and the external KMS server. If they do not match, correct the time and or date.
Set the flag EKMS_DISABLE_KEY_USAGE_CHECK=1 in
bp.confto bypass key usage check.
Click here to view technical notes and other information on the Cohesity Technical Support website about this status code.