If there is a problem with communication between the Master and a Server Agent, this may be caused by a mismatch between the nodekeys used for encrypting BoKS traffic.
In the error log you get messages similar to the following:
boks_bridge@host Wed Dec 5 08:45:09 2012
WARNING: 32631: Cannot encrypt message. No key found for 18.104.22.168
The nodekeys are used for session key negotiation by the boks_bridge processes. Keys are cached in a Shared Memory segment on the Master and Replicas. This makes it possible to change the nodekey for a host in the BoKS database without disturbing the communication between that host and the Master and Replicas. (The cache is deleted if BoKS is shut down with the Boot -k command).
Nodekeys are also used as the encryption key for BoKS host virtual cards. A virtual card file is a credential store containing X.509 certificates and corresponding private keys.
If a host virtual card is in use it should be deleted and re-created when the nodekey has been changed. You can manage the host virtual card in the host details page in FoxT Control Center.
Resolution / Workaround
Verify the nodekey by running "hostkey -g -h
To reset the nodekeys, a two-step process needs to be performed on the affected Server Agent and the BoKS Master:
1. On the BoKS Master:
2. On the Server Agent:
Still have questions? We can help. Submit a case to Technical Support.