Quick Reference Guide
ekmcert Certificate Deletion
Each EKM 2.X installation has one ekmcert certificate. If you are merging or migrating more than one EKM 2.X into EKM
3.0, you must delete the ekmcert certificate in EKM 3.0 before attempting to merge a new EKM 2.X.
Because ekmcert is a certificate and not a key, it is not part of any key groups on the EKM 3.0 server. Therefore, if you
merged an EKM 2.X version into EKM 3.0 and then removed EKM 2.X key groups from EKM 3.0, the ekmcert certificate
from the merge will still exist on the EKM 3.0 server, and may exist even if you restore from a previous backup. Because
the merge tool attempts to add the ekmcert certificate again, the merge will fail.
You must remove the ekmcert certificate from the EKM 3.0 server if any of the following situations exist:
• You migrated an EKM 2.X into EKM 3.0 during the EKM 3.0 installation procedure
• This is not the first time you have merged EKM 2.X into EKM 3.0
• You need to delete a previously merged or migrated EKM 2.X version
• You receive the following error when you attempt a merge. This error indicates the ekmcert certificate is already
in EKM 3.0:
Duplicate Key Alias = ekmcert Migration failed. Please refer to the debug file for more information.
To delete the ekmcert certificate, refer to Deleting the ekmcert Certificate.
Deleting the ekmcert Certificate
To verify that the ekmcert certificate is on EKM 3.0 and delete it, perform the following steps:
1. Log in to the EKM 3.0 portal. Refer to Logging into the Encryption Key Manager 3.0 Portal.
The Welcome to Dell Encryption Key Manager screen appears.
2. In the navigation pane, navigate to Dell Encryption Key Manager → Advanced Configuration → Server Certificates.
The Administer Server Certificates screen appears.
3. On the Administer Server Certificates screen, verify that the ekmcert certificate is listed and not currently in use.
If the ekmcert certificate is not currently in use, go to the next step. If the ekmcert certificate is currently in use,
perform the following steps:
a) Select the ekmcert certificate.
b) Click Modify.
c) Uncheck the Current Certificate In Use check box.
d) Click Modify Certificate.
The Administer Server Certificates screen appears. The certificate displays as not in use.
4. Select the ekmcert certificate again.
5. Click Delete at the top of the table.
A confirmation window appears.
6. Click OK to delete the certificate.
The certificate is removed from the list.
Deleting a Specific Key
This chapter describes how to delete a single key. You cannot delete a key that is associated with a device.
CAUTION: Deleting a key is equivalent to deleting any data protected by that key, because the data will no longer be
accessible. For security purposes, deleted keys cannot be recovered by any means.
NOTE: If you received an error message that you have a duplicate key when you performed a merge from EKM 2.X
to EKM 3.0, Dell recommends that you rename the duplicate key in EKM 2.X. Refer to the EKM 2.X user's guide for
more information.