Direct links to fixes
8.1.12.000-IBM-SPSRV-WindowsX64
8.1.12.000-IBM-SPSRV-Linuxx86_64
8.1.12.000-IBM-SPSRV-Linuxs390x
8.1.12.000-IBM-SPSRV-Linuxppc64le
8.1.12.000-IBM-SPSRV-AIX
7.1.13.100-TIV-TSMOC-Windows
7.1.13.100-TIV-TSMOC-Linuxx64
7.1.13.100-TIV-TSMOC-LinuxS390
7.1.13.100-TIV-TSMOC-LinuxPPC64le
7.1.13.100-TIV-TSMOC-LinuxPPC64
7.1.13.100-TIV-TSMOC-AIX
7.1.13.100-TIV-TSMSRV-WIN
7.1.13.100-TIV-TSMSRV-SolarisSPARC
7.1.13.100-TIV-TSMSRV-Linuxx86_64
7.1.13.100-TIV-TSMSRV-Linuxs390x
7.1.13.100-TIV-TSMSRV-Linuxppc64
7.1.13.100-TIV-TSMSRV-HP-UX
7.1.13.100-TIV-TSMSRV-AIX
IBM Spectrum Protect Server V8.1 Fix Pack 12 (V8.1.12) Downloads
APAR status
Closed as program error.
Error description
Decryption of the master encryption key during a database restore operation may fail if the GSKit version used to create the database backup is earlier than the version of GSKit that is being used to restore the database backup. This problem is more likely to affect disaster recovery scenarios where the database backup is being restored to an alternate host. Despite specifying the correct password for the master encryption key, the restore operation will generate the following error: ANR1741E The server master encryption key in the database backup cannot be read. The password might be incorrect, or the encryption key might be invalid. Due to code changes made in GSKit, a database backed up using GSKit <8.0.50.78 in Non-FIPS mode or GSKit <8.0.50.86 in FIPS mode cannot be restored using a newer version of GSKit. The 7.1.8, 8.1.2 and 8.1.3 versions of server code are bundled with GSKit version 8.0.5.78 (FIPSMODE enabled) and, as such, attempts to restore database backups created by these server versions on hosts with more current versions of GSKit installed will likely experience this problem. Instructions for determining the installed version of GSKit can be found at the following URL: https://www.ibm.com/support/pages/node/1095874 Spectrum Protect Versions Affected: o Server version 7.1.8 and above 7.1 levels on all platforms when restoring database backups from server version 7.1.8 o Server version 8.1.2 and above 8.1 levels on all platforms when restoring database backups from server version 8.1.2 o Server version 8.1.3 and above 8.1 levels on all platforms when restoring database backups from server versions 8.1.2 and 8.1.3 Initial Impact: Medium Additional Keywords: TS004607524
Local fix
1. Ensure that the same version of GSKit installed on the host where the database backup was performed is also installed on the host where the database backup is being restored. 2. As a circumvention for the database restore failure, the master encryption key files (eg. dsmkeydb.kdb, dsmkeydb.sth) can be copied from the original host, if possible.
Problem summary
**************************************************************** * USERS AFFECTED: * * All IBM Spectrum Protect server users. * **************************************************************** * PROBLEM DESCRIPTION: * * See error description. * **************************************************************** * RECOMMENDATION: * * Apply fixing level when available. This problem is currently * * projected to be fixed in levels 7.1.13.100 and 8.1.12. Note * * that this is subject to change at the discretion of IBM. * ****************************************************************
Problem conclusion
This problem was fixed. Affected platforms for reported release: AIX, HP-UX, Solaris, Linux, and Windows. Platforms fixed: AIX, HP-UX, Solaris, Linux, and Windows.
Temporary fix
Comments
APAR Information
APAR number
IT35814
Reported component name
TSM SERVER
Reported component ID
5698ISMSV
Reported release
81A
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2021-02-05
Closed date
2021-02-12
Last modified date
2021-02-12
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
TSM SERVER
Fixed component ID
5698ISMSV
Applicable component levels
R71A PSY
UP
R71H PSY
UP
R71L PSY
UP
R71S PSY
UP
R71W PSY
UP
R81A PSY
UP
R81L PSY
UP
R81W PSY
UP
Document Information
Modified date:
05 November 2021