1.0 Introduction
This article provides troubleshooting steps for common issues encountered while configuring and running Fortanix Key Insight in on-premises environments.
2.0 Troubleshooting
PROBLEM | RESOLUTION |
|---|
The RESCAN button is disabled when the on-premises connection is in a "Pending" or "Disconnected" state. | Ensure the on-premises connection status is Connected before rescanning. |
Ubuntu 22.04 – Missing libssl.so.1.1 library error, which is required for fortanix-dsm-scanner and fortanix-oracle-scanner to run. | Ensure the following dependencies are installed: wget http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2_amd64.deb
dpkg -i libssl1.1_1.1.1f-1ubuntu2_amd64.deb
apt-get install -f
|
Ubuntu 24.04 – Missing libaio.so.1 library error, which is required for fortanix-oracle-scanner and fortanix-scanner to run. | Ensure the following dependencies are installed: apt-get update
apt-get install libaio-dev -y
ln -s /lib/x86_64-linux-gnu/libaio.so.1t64 /lib/x86_64-linux-gnu/libaio.so.1
|
RHEL 9 – Missing libssl.so.1.1 library error, which is required for fortanix-dsm-scanner and fortanix-oracle-scanner to run. | Ensure the following dependencies are installed: wget https://yum.oracle.com/repo/OracleLinux/OL9/appstream/x86_64/getPackage/compat-openssl11-1.1.1k-3.el9.x86_64.rpm
dnf install ./compat-openssl11-1.1.1k-3.el9.x86_64.rpm -y
|
File System Scanner Agent fails with the error: "Error in perform_local_fs_scan(): SinkError { message:perform_local_fs_scan(): Sink error while scanning filesystem", cause: AccumulatorClientError { message: Couldn't register a new scan, cause: ReqwestError { message:Error registering new scan: RegisterNewScanRequest { agent_group_id: 243fe2af-3daa-4f88-901f-83d0e460d7cf, agent_host_info: HostInfo { id: \\"09465eca9e7140e9b1ec9d06f154e7f6\\\", hostname: \\\"sandeep-ThinkPad-P14s-Gen-4\\\", ips: [\\\"xxx.xx.x.x\\\", \\\" xxx.xx.x.x \\\", \\\"172.23.0.1\\\", \\\" xxx.xx.x.x \\\", \\\" xxx.xx.x.x \\\", \\\" xxx.xx.x.xx\\\"], os_string: \\\"Ubuntu 24.4.0\\\" } } ==> 'http:// xxx.xx.x.x:xxxx/v1/register_new_scan'\", cause: reqwest::Error { kind: Request, url:"http:// xxx.xx.x.x:xxxx /v1/register_new_scan”, source: hyper_util::client::legacy::Error(Connect, ConnectError(\"tcp connect error\", Os { code: 111, kind: “Connection Refused” })) } } } }" | Ensure the Fortanix On-premises Scanner (fortanix-scanner) is running before starting the File System Scanner Agent (fortanix-fs-scanner). |
On a Windows Server 2019 SQL Virtual Machine (VM), running FortanixFsScanner.exe failed with an “Access is denied” error due to a corrupted zero-byte executable (FortanixFsScanner.exe was 0 KB in size). | Uninstall and reinstall the File System Scanner Agent and run it from an elevated (Administrator) terminal. |
The File System Scanner Agent failed with “Couldn't register a new scan … tcp connect error … connection timed out” because it could not reach the Fortanix On-premises Scanner (fortanix-scanner) at the configured host or port. | Configure inbound rules on the on-premises Virtual Machine (VM), allowing traffic from the File System Scanner Agent VM. Validate connectivity before running the File System Scanner Agent: On Linux (Fortanix On-premises Scanner): nc -l -p <PORT>
# or
iperf3 -s -p <PORT>
Here, replace <PORT> with the value configured for the Fortanix On-premises Scanner (fortanix-scanner). For example, 8080 or 1443. On Windows (File System Scanner Agent): Test-NetConnection <ONPREM_IP> -Port <PORT>
#or
ncat <ONPREM_IP> <PORT>
iperf3 -c <ONPREM_IP> -p <PORT>
Here, replace <ONPREM_IP> with the IP address of the Fortanix On-premises Scanner (fortanix-scanner) and <PORT> with the value configured for the Fortanix On-premises Scanner (fortanix-scanner). For example, 8080 or 1443.
|
The container image scan fails with the following error because the Docker daemon is not installed or not running: {level=info msg=\"try to fetch image daemon:hello-world:latest ...\"","timestamp":"2025-12-10 07:23:09.560"} {"level":"INFO","message":"time=\"2025-12-10T12:53:09+05:30\" level=error msg=\"could not fetch image: unable to detect input for 'hello-world:latest', errs: docker not available: failed to connect to Docker daemon. Ensure Docker is running and accessible\\npodman not available: no host address\\ncontainerd not available: no grpc connection or services is available: unavailable\"",}
| Perform the following steps: Ensure Docker is installed on the host machine where the Fortanix On-premises Scanner is running. Ensure the Docker service is running before initiating any scans: Linux - Run the following command: sudo systemctl start docker
Windows - Start the Docker Desktop application or enable the Docker Engine service.
Verify that the Fortanix On-premises Scanner can access the Docker socket: After Docker is running and accessible, rerun the Fortanix On-premises Scanner for container image scan.
|
Fortanix Key Insight identifies encryption keys and data services across on-premises and hybrid multicloud environments, providing a unified dashboard for tracking key mappings and cryptographic security. It offers security and compliance teams data-driven insights to assess risks, align with best practices, and meet industry regulations. Iy also supports continuous risk mitigation and crypto-agility, adapting to evolving security needs, including preparation for the post-quantum era.