When trying to import the public key as a key of external user on Symantec Encryption Management Server (formerly PGP Universal Server) your import if failing with following Error Message
There was an error importing the external user keys. Please check the Administration logs for further details.
Not importing user "User ID <firstname.lastname@example.org>" (KeyID: <0x12345678>) because it is in a managed domain
SQL command execution error: ERROR: duplicate key value violates unique constraint "boom_email_idx"
By design, the Photo ID contains no email address associated with User ID of the key.
Symantec Corporation is committed to product quality and satisfied customers. This issue is currently being considered by Symantec Corporation to be addressed in a forthcoming version or Maintenance Pack of the product.
Please be sure to refer back to this document periodically as any changes to the status of the issue will be reflected here.
This issue is fixed in the following release:
- Symantec Encryption Management Server 3.3.2 MP8
This version/Maintenance Pack is available for download via your account on Symantec File Connect. fileconnect.symantec.com
The following is a known temporary workaround for the issue until the version/maintenance pack is released:
This issue can be temporarily resolved by one of the following:
- External user should import his own key through the Settings of Web Email Protection (Web Messenger):
- Send user an email through Encryption Management Server or create user record providing email address in External Users tab > Add External User (email sent automatically to email address that you provide in Email Addresses filed)
- Using the link from email external user should login to Web Email Protection (Web Messenger)
- Depending on the Web Email Protection (Web Messenger) configuration external user should either click on Settings link on the top of the page with Inbox view or select the preferences that displayed after first user login, prior the page with Inbox view .
- External user should select Key or digital ID/certificate option in the selection of preferences for Web Email Protection (Web Messenger)
- External user should Click Choose Option button
- When next page loaded, external user should provide his public key for import and click Continue
- When finished the record of external user will be created and associated with key provided at the previous step.
- All email addresses that doesn't match the email which received invitation from Web Email Protection (Web Messenger) will be removed from the key. This include the Photo ID which has no email address associated with it
- Remove the Photo ID from the key prior key import
- Import public Key in Symantec Encryption Desktop
- Expand all Key ID's
- Select Photo ID from the list of ID's
- Right Click on Photo ID and select Delete
Symantec Encryption Management Server 3.3.x
PGP Universal Server 3.2.x
Unable to import key with Photo ID as a key of external user