Replication problems and resolutions

This section describes replication problems and resolutions.

Replication errors on the user interface

The replication section on the Welcome page displays the status of the last run of the replication process. You can also view details about a failed replication run. For more information, see Viewing status of full replication.

Incomplete replication

  • Ensure that the TLS certificate with private key that is specified in the backup.TLSCertAlias parameter are available on both the master and clone servers.
  • Ensure that port number for the master server is free. Clone port numbers that are configured on the master server must be free on the clone server.
  • Check the server names or IP addresses specified in the replication configuration file are correct and accessible from the master server.
  • Check whether the replication task is up on each server by running the Replication Status REST Service, or the status on the Replication section of IBM Security Guardium Key Lifecycle Manager welcome page.
  • For Db2 replication, ensure that date/time of master and clone servers are closely synchronized. Large discrepancies can lead to restore failure.
  • Check the replication configuration file to ensure that the minimum required parameters are defined, without typographical error.
  • Define a maximum of 1 master and 20 associated clones.
  • Check the replication audit file to get more information about replication failure.

Replication is not taking place at scheduled time

  • Scheduled replications take place only when new keys, and devices are added or modified on the master server.
  • When both specific replication time and a check interval are set in the master replication configuration file, the time overrides the check interval.

Clone system replication

  • The clone IBM Security Guardium Key Lifecycle Manager server restarts after replication.
  • Maintain the availability of your clone servers. You can specify a specific time-of-day to complete the replication with the restore.DailyStartReplicationRestoreTime parameter. For example, to run restores only at 11 PM, regardless of when the backup file is received, code the following property in the configuration file:
    restore.DailyStartReplicationRestoreTime=23:00