Replication problems and resolution

You must consider possible issues on the clone and master systems when you run the IBM Security Guardium Key Lifecycle Manager replication task.

Incomplete replication

  • Ensure that the TLS certificate with private key that is specified in the backup.TLSCertAlias parameter are available on both the master and clone servers.
  • Ensure that port number for the master server is free. Clone port numbers that are configured on the master server must be free on the clone server.
  • Check the server names or IP addresses specified in the replication configuration file are correct and accessible from the master server.
  • Check whether the replication task is up on each server by running the Replication Status REST Service or the status on the Replication section of IBM Security Guardium Key Lifecycle Manager welcome page.
  • For DB2® replication, ensure that date/time of master and clone servers are closely synchronized. Large discrepancies can lead to restore failure.
  • Check the replication configuration file to ensure that the minimum required parameters are defined, without typographical error.
  • Define a maximum of 1 master and 20 associated clones.
  • Check the replication audit file to get more information about replication failure.

Replication is not taking place at scheduled time

  • Scheduled replications take place only when new keys, and devices are added or modified on the master server.
  • When both specific replication time and a check interval are set in the master replication configuration file, the time overrides the check interval.

Clone system replication

  • The clone IBM Security Guardium Key Lifecycle Manager server restarts after replication.
  • Maintain the availability of your clone servers. You can specify a specific time-of-day to complete the replication with the restore.DailyStartReplicationRestoreTime parameter. For example, to run restores only at 11 PM, regardless of when the backup file is received, code the following property in the configuration file:
    restore.DailyStartReplicationRestoreTime=23:00