Troubleshooting
This chapter describes what to do if you have an issue with your HSM, or your Security World Software.
Checking operational status
Use the following methods to check the operational status of the module.
Enquiry utility
Run the enquiry
utility to check that your module is working correctly.
The enquiry
utility is in the bin
subdirectory of the nCipher
directory.
This is usually:
-
C:\Program Files\nCipher\nfast
for Windows. -
/opt/nfast
for Linux.
If the module is working correctly, the enquiry
utility returns the message:
Server:
enquiry reply flags none
enquiry reply level Six
serial number ####-####-####
mode operational
version #-#-#
speed index ######
rec. queue ####..####
...
version serial #
remote port (IPv4) ####
Module ##:
enquiry reply flags none
enquiry reply level Six
serial number ####-####-####
mode operational
version #-#-#
speed index #####
rec. queue ##..###
...
rec. LongJobs queue ##
SEE machine type PowerPCELF
supported KML types DSAp1024s160 DSAp3072s256
hardware status OK
If the output from the enquiry
utility does not show mode operational
, you can use the Status LED to discover the status of the module.
Status LED
The blue Status LED indicates the operational status of the module.
Status LED | Description |
---|---|
Off. |
Status: Power off or Standby mode There is either no power supply to the module or the module is in Standby mode. If you suspect that there is no power supply, check that the module is properly connected and switched on. If you believe the module’s power supply unit has failed, contact Support. |
On, occasionally blinks off. |
Status: Operational mode The module is in Operational mode and accepting commands. The more frequently the Status LED blinks off, the greater the load on the module. |
Flashes two short pulses, followed by a short pause. |
Status: Initialization mode Existing Security World data on the module has been erased. The module is automatically placed in Initialization mode after a Security World is created. For more information, see the nShield Connect User Guide. |
Flashes two long pulses followed by a pause. |
Status: Maintenance mode Used for reprogramming the module with new firmware. The module only goes into Maintenance mode during a software upgrade. |
Flashes SOS, the Morse code distress code (three short pulses, three long pulses, three short pulses). After flashing SOS, the Status LED flashes a Morse code letter which identifies the error. |
Status: Error mode If the module encounters an unrecoverable error, it enters Error mode. In Error mode, the module does not respond to commands and does not write data to the bus. For internal security modules running firmware 2.6.1.2 and above, the error code is also reported by the If a command does not complete successfully, the module normally writes an error message to the log file and continues to accept further commands. It does not enter Error mode. For information about error codes, see the User Guide. |
Audible warning
An audible warning sounds for some critical errors relating to the PSUs on the module. The orange warning LED (see Orange warning LED) accompanies the audible warning.
The warning sounds when only one of the two PSUs is powered and turned on. Check that:
-
The rocker switch on both PSUs is in the
on
position. -
Both PSUs are connected to the mains supply.
If the audible warning continues, there might be a fault with one or both PSUs. Before investigating further, switch off the audible alarm by navigating to the 1‑2‑5‑3 Critical Errors screen. The orange warning LED remains on until you resolve the issue.
For more information about identifying and replacing a failed PSU, see the nShield Connect Power Supply Unit Installation Sheet.
Orange warning LED
If the orange warning LED is on, the module has encountered a critical error (for example, overheating or PSU failure) that may require immediate action. To find the cause of a critical error, navigate to System information > View h/w diagnostics > Critical Errors.
Checking the physical security of the module
The physical security measures implemented on the module include tamper detection. This warns you of tampering in an operational environment. For more information about tamper detection, including the tamper warning messages, see the nShield Connect Physical Security Checklist or the nShield Connect User Guide.
Display screen
When the module is in Maintenance or Initialization mode, there is a color-coded footer at the bottom of the display screen. There is no footer when the module is in Operational mode.
Footer color | Text in footer | Meaning |
---|---|---|
Yellow |
Initialization |
The system is rebooting or waiting for an Administrator Card to be inserted. |
Blue |
Maintenance |
An administrative task is being performed. This mode is only entered during firmware upgrades. |
Red |
HSM Failed |
The internal module has failed. See Orange warning LED for more information. |
Do not interrupt power to the module during a firmware upgrade. |
The blue Status LED flashes to indicate the status of the internal security module. |
Power button
The [.gui}*Power* button, in combination with the display screen, indicates the general status of the module.
The display screen turns off automatically if the front panel buttons are inactive for more than three minutes. Use the touch wheel to turn the display screen back on. |
Power button | Display screen | Status |
---|---|---|
On |
On, displaying menus and dialogs |
The module is operational. |
On |
On, displaying messages but not displaying labels for the navigation buttons |
The module is running an upgrade. A color-coded footer indicates the specific status: yellow for initialization, red (maintenance) for upgrade. |
On, flashes occasionally |
On, displaying messages but not displaying labels for the navigation buttons |
The module is performing start-up. |
Mostly off, flashes occasionally |
Off |
The module is in Standby mode (that is, it has been powered down from the front panel using the [.gui}*Power* button). Press the [.gui}*Power* button to turn it on. |
Flashes regularly |
On, with “Critical Error” message |
The module is unable to start-up or has failed. The error message describes the problem. If you can remedy the problem, do so, and press the [.gui}*Power* button to restart the module. Otherwise, contact Support. |
Flashes irregularly |
Off |
A low-level critical error has occurred. |
Ethernet LEDs
There are four Ethernet LEDs, two for each of the two Ethernet ports on the module. The Ethernet LEDs indicate the status of the connection with other Ethernet devices.
Ethernet LEDs | Status |
---|---|
Flashes regularly |
The status of the Ethernet link is currently unknown (the Ethernet LEDs flash when the module is powering up). |
Off |
There is no Ethernet link. The Ethernet cable is either not connected to the module or the cable is not connected to a functioning Ethernet device. |
On, green only |
Indicates a 10Mb or 100Mb Ethernet link. |
On, green and orange |
Indicates a 1Gb Ethernet link. |
Module overheating
If the internal module of the nShield Connect exceeds the safe operating temperature, the unit stops operating and displays the SOS‑T
error message on the Status LED.
See Status LED for details of the SOS‑T
error message.
Log messages for the module
To view log messages from the main menu of the module:
-
Select System > System information.
-
Select either:
-
View system log.
-
View hardserver log.
-
The client can store logs, and can configure them to contain different types of message.
Information
This type of message indicates routine events:
nFast Server service: about to start
nFast Server service version starting
nFast server: Information: New client clientid connected
nFast server: Information: New client clientid connected - privileged
nFast server: Information: Client clientid disconnected
nFast Server service stopping
Client
This type of message indicates that the server has detected an error in the data sent by the client (but other clients are unaffected):
nFast server: Detected error in client behaviour: message
Serious error
This type of message indicates a serious error, such as a communications or memory failure:
nFast server: Serious error, trying to continue: message
If you receive a serious error, even if you are able to recover, contact Support.
Serious internal error
This type of message indicates that the server has detected a serious error in the reply from the module. These messages indicate a failure of either the module or the server:
nFast server: Serious internal error, trying to continue: message
If you receive a serious internal error, contact Support.
Start-up errors
This type of message indicates that the server was unable to start:
nFast server: Fatal error during startup: message nFast Server service version failed init.
nFast Server service version failed to read registry
Reinstall the Security World software, see Installing the software. If reinstallation does not solve the problem, contact Support.
Utility error messages
This type of message might indicate an error status when you run a command line utility.
BadTokenData error in nShield modules
Some nShield modules are equipped with a rechargeable backup battery for maintaining Real Time Clock (RTC) operation when the module is powered down. This battery normally lasts for up to two weeks if no power is supplied to the nShield Connect unit.
If the module is without power for an extended period, the RTC time is lost.
When this happens, attempts to read the clock (for example, using the ncdate
or rtc
utilities) return a BadTokenData
error status.
The correct procedure in this case is to leave the nShield Connect powered up for at least 10 hours to recharge the battery, and then reset the clock. No other nonvolatile data is lost when this occurs.