After a fresh install of an 11.1 Linux Enforce server, the following message is displayed in the web interface:
Code 2206 Summary Cryptographic key ignition failed Detail Failed to ignite the cryptographic keys using the master key. Please look in the enforce server logs for more information.
The following messages are present in the logs:
localhost.yyyy-mm-dd.log: WARNING [com.vontu.manager.system.keystore.KeystoreRotationTask] (MANAGER.803) Unable to check if keys rotation is required because the keystore has not yet been ignited. Will try again in 1 day(s)
IncidentPersister_0.log: (SEVERE) Thread: 10 [com.vontu.incidenthandler.keystore.KeyStoreIgniter.igniteKeys] KeyIgnition failedcom.vontu.enforce.domainlayer.crypto.MasterKeyException: The master key could not be read (SEVERE) Thread: 10 [com.vontu.incidenthandler.IncidentPersister.main] Incident Persistor was unable to initialize com.vontu.incidenthandler.PersisterInitializationException: Unable to initialize Model Caused by: com.vontu.incidenthandler.PersisterInitializationException: KeyIgnition failed Caused by: com.vontu.enforce.domainlayer.crypto.MasterKeyException: The master key could not be read Caused by: com.vontu.enforce.domainlayer.crypto.MasterKeyException: The master key file could not be read Caused by: java.io.FileNotFoundException: /opt/Vontu/Protect/config/CryptoMasterKey.properties (Permission denied)
Correct the permissions on the CryptoMasterKey.properties file with the command run as root then recycle the Vontu Manger service: