-
Bug
-
Resolution: Unresolved
-
Undefined
-
None
-
rhel-10.0
-
No
-
None
-
rhel-storage-io-2
-
ssg_platform_storage
-
None
-
False
-
False
-
-
None
-
None
-
None
-
None
-
-
x86_64
-
None
What were you trying to do that didn't work?
When configuring TLS for NVMe-TCP connections, I am encountering an issue after rebooting the host. I connect to the namespace as follows:
subsysnqn=nqn.1992-08.com.netapp:sn.48c34f56b71f11ef8a10d039ea98949f:subsystem.rhel_103_ss_1_tls keydata=NVMeTLSkey-1:01:ZGWG+gp2Wt22Qnc3Bjw2UwVndVgnwB/yTozbmsf0SBQKexut: # nvme check-tls-key -vv --identity=1 --subsysnqn=$subsysnqn --keydata=$keydata --insert --keyfile /etc/nvme/tls-keys # nvme connect -t tcp --tls -a 172.18.50.171 -n nqn.1992-08.com.netapp:sn.48c34f56b71f11ef8a10d039ea98949f:subsystem.rhel_103_ss_1_tls
This works fine and I can see the key is stored here:
# cat /etc/nvme/tls-keys NVMe1R01 nqn.2014-08.org.nvmexpress:uuid:4c4c4544-0034-5310-8057-b1c04f355333 nqn.1992-08.com.netapp:sn.48c34f56b71f11ef8a10d039ea98949f:subsystem.rhel_103_ss_1_tls X/BWVgLaLhMCfYGutzhPWXv6pCNYoAIxBVFG1eAzSV4= NVMeTLSkey-1:01:RKXwLrA7a+XEx43O2AR2eKprZPtI/svePLiRmmSDhkKMrZaZ:
However, after a reboot, if I try to re-connect I see this:
# nvme connect -t tcp --tls -a 172.18.50.171 -n nqn.1992-08.com.netapp:sn.48c34f56b71f11ef8a10d039ea98949f:subsystem.rhel_103_ss_1_tls could not add new controller: pre-shared TLS key is missing
I have to run this command again before trying to connect:
# nvme check-tls-key -vv --identity=1 --subsysnqn=$subsysnqn --keydata=$keydata --insert
Please provide the package NVR for which the bug is seen:
[root@rhel-storage-103 ~]# rpm -qa nvme-cli
nvme-cli-2.11-3.el10.x86_64
[root@rhel-storage-103 ~]# uname -r
6.12.0-38.el10.x86_64
How reproducible is this bug?: Often
Steps to reproduce
- see above
Expected results
Actual results
- is depended on by
-
RHEL-73470 [RHEL10] NVMe/TCP Transport Layer Security (TLS)
-
- New
-
