Troubleshooting guide

ManualsBrandsCisco ManualsComputer equipmentWide Area Virtualization Engine 274

281

282

283

284

285

286

287

288

289

290

1-16

Cisco Wide Area Application Services Configuration Guide

OL-26579-01

Chapter 1 Configuring Other System Settings

Configuring Secure Store Settings

The WAAS device reencrypts the stored data using a new encryption key derived from the new password.

To change the password and generate a new encryption key on the Central Manager from the CLI, use

the cms secure-store change EXEC command.

To generate a new encryption key for a WAE device from the WAAS Central Manager, follow these

steps:

Step 1 From the WAAS Central Manager menu, choose Devices > device-name (or Device Groups >

device-group-name).

Step 2 Choose Configure > Security > Secure Store.

Step 3 Check the Change CMS Secure Store box and then click Submit.

A new encryption key is generated in the Central Manager. The Central Manager replaces the encryption

key in the WAE with the new key. The WAE re-encrypts the stored data using the new encryption key.

To configure the secure store encryption key from the CLI, use the cms secure-store change EXEC

command.

Resetting Secure Store Encryption on a Central Manager

You can reset the secure store if you reload the Central Manager and you cannot open the secure store

because it is configured in user-provided passphrase mode and you forget the secure store password. This

procedure deletes all encrypted data, certificate and key files, and key manager keys. The secure store is

reinitialized, configured in auto-generated passphrase mode, and opened.

To reset secure store encryption on a Central Manager, follow these steps:

Step 1 At the primary Central Manager CLI, enter the cms secure-store reset command to reset secure store

encryption.

Step 2 Wait until the standby Central Manager replicates the data from the primary Central Manager.

The replication should occur in 60 seconds (default) or as configured for your system.

Step 3 Enter the cms secure-store reset command on the standby Central Manager if secure store is in the

initialized and open state.

Step 4 From the primary Central Manager, reset all user account passwords, CIFS credentials, and NAM

credentials.

For information on resetting user passwords, see the “Changing the Password for Another Account”

section on page 1-7. For information on resetting dynamic share passwords, see the “Creating Dynamic

Shares for the CIFS Accelerator” section on page 1-9. For information on resetting preposition

passwords, see the “Creating a New Preposition Directive” section on page 1-12. For information on

resetting NAM credentials, see the “Configuring the Basic Setup” section on page 1-3.

Step 5 On each WAE registered to the Central Manager, follow these steps:

a. If secure store is initialized and open, from the Central Manager, clear secure store (see the

“Disabling Secure Store Encryption on a WAE Device” section on page 1-17). Or, from the CLI,

enter the cms secure-store clear EXEC command.