1.0 Introduction
This article provides troubleshooting steps for common issues encountered while configuring and running Fortanix Key Insight in on-premises environments.
2.0 Troubleshooting
PROBLEM | RESOLUTION |
|---|
The RESCAN button is disabled when the on-premises connection is in a "Pending" or "Disconnected" state. | Ensure the on-premises connection status is Connected before rescanning. |
Ubuntu 22.04 – Missing libssl.so.1.1 library error, which is required for fortanix-dsm-scanner and fortanix-oracle-scanner to run. | Ensure the following dependencies are installed: wget http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2_amd64.deb
dpkg -i libssl1.1_1.1.1f-1ubuntu2_amd64.deb
apt-get install -f
|
Ubuntu 24.04 – Missing libaio.so.1 library error, which is required for fortanix-oracle-scanner and fortanix-scanner to run. | Ensure the following dependencies are installed: apt-get update
apt-get install libaio-dev -y
ln -s /lib/x86_64-linux-gnu/libaio.so.1t64 /lib/x86_64-linux-gnu/libaio.so.1
|
RHEL 9 – Missing libssl.so.1.1 library error, which is required for fortanix-dsm-scanner and fortanix-oracle-scanner to run. | Ensure the following dependencies are installed: wget https://yum.oracle.com/repo/OracleLinux/OL9/appstream/x86_64/getPackage/compat-openssl11-1.1.1k-3.el9.x86_64.rpm
dnf install ./compat-openssl11-1.1.1k-3.el9.x86_64.rpm -y
|
File System Agent scanner fails with the error: "Error in perform_local_fs_scan(): SinkError { message:perform_local_fs_scan(): Sink error while scanning filesystem", cause: AccumulatorClientError { message: Couldn't register a new scan, cause: ReqwestError { message:Error registering new scan: RegisterNewScanRequest { agent_group_id: 243fe2af-3daa-4f88-901f-83d0e460d7cf, agent_host_info: HostInfo { id: \\"09465eca9e7140e9b1ec9d06f154e7f6\\\", hostname: \\\"sandeep-ThinkPad-P14s-Gen-4\\\", ips: [\\\"xxx.xx.x.x\\\", \\\" xxx.xx.x.x \\\", \\\"172.23.0.1\\\", \\\" xxx.xx.x.x \\\", \\\" xxx.xx.x.x \\\", \\\" xxx.xx.x.xx\\\"], os_string: \\\"Ubuntu 24.4.0\\\" } } ==> 'http:// xxx.xx.x.x:xxxx/v1/register_new_scan'\", cause: reqwest::Error { kind: Request, url:"http:// xxx.xx.x.x:xxxx /v1/register_new_scan”, source: hyper_util::client::legacy::Error(Connect, ConnectError(\"tcp connect error\", Os { code: 111, kind: “Connection Refused” })) } } } }" | Ensure the on-premises scanner service (fortanix-scanner) is running before starting the File System Agent scanner (fortanix-fs-scanner). |
On a Windows Server 2019 SQL Virtual Machine (VM), running FortanixFsScanner.exe failed with an “Access is denied” error due to a corrupted zero-byte executable (FortanixFsScanner.exe was 0 KB in size). | Uninstall and reinstall the File System Agent scanner and run it from an elevated (Administrator) terminal. |
The File System Agent failed with “Couldn't register a new scan … tcp connect error … connection timed out” because it could not reach the On-premises (fortanix-scanner) scanner service at the configured host or port. | Configure inbound rules on the on-premises Virtual Machine (VM), allowing traffic from the File System Agent VM. Validate connectivity before running the File System Agent Scanner: On Linux (on-premises): nc -l -p <PORT>
# or
iperf3 -s -p <PORT>
Here, replace <PORT> with the value configured for the on-premises scanner (fortanix-scanner). For example, 8080 or 1443. On Windows (File System Agent): Test-NetConnection <ONPREM_IP> -Port <PORT>
#or
ncat <ONPREM_IP> <PORT>
iperf3 -c <ONPREM_IP> -p <PORT>
Here, replace <ONPREM_IP> with the IP address of the on-premises scanner (fortanix-scanner) and <PORT> with the value configured for the on-premises scanner (fortanix-scanner). For example, 8080 or 1443.
|
Fortanix Key Insight identifies encryption keys and data services across on-premises and hybrid multicloud environments, providing a unified dashboard for tracking key mappings and cryptographic security. It offers security and compliance teams data-driven insights to assess risks, align with best practices, and meet industry regulations. Iy also supports continuous risk mitigation and crypto-agility, adapting to evolving security needs, including preparation for the post-quantum era.