Getting the Error RET_MXN_AUTH_FAILED? You are in luck! Our Support Team is here with an easy resolution for this error.
Read on to find out the whys and the hows behind this common error. With the right solution in hand, you will be able to go about your business as usual. Bobcares is here to offer support and help when you need it with our Server Management Services.
What is RET_MXN_AUTH_FAILED error?
The Error RET_MXN_AUTH_FAILED is a clear indication that the M of N authentication was not provided. M of N authentication indicates that at least 2 users need to sign a token in order to run a command.
This ensures that a single user does not perform an incorrect activity on the CloudHSM cluster. In fact, this comes in handy in maintaining the integrity of the CloudHSM cluster.
As you can see below, the listUsers command shows that the MofnPubkey has been set to NO:
aws-cloudhsm>aws-cloudhsm>listUsers Users on server 0(172.31.21.34): Number of users found:6 User Id User Type User Name MofnPubKey LoginFailureCnt 2FA 1 CO admin NO 0 NO 2 AU app_user NO 0 NO 3 CU cryptouser NO 0 NO 4 CO admin1 NO 0 NO 5 CO palmep NO 0 NO 6 CU user1 NO 0 NO
This specifies that no users have a public key to sign quorum tokens. Furthermore, CO users (crypto officer users) need to register the public key with the registerMofnPubKey command for the CloudHSM cluster.
Resolving RET_MXN_AUTH_FAILED error
In order to resolve this error, our Support Team recommends running the getMValue command on the CloudHSM cluster first. We will use parameter 3 to specify the value for commands under service 3. This particular operation uses deleteUser, createUser and changePswd.
For instance,
aws-cloudhsm>getMValue 3 MValue of service 3[USER_MGMT] on server 0 : [2] MValue of service 3[USER_MGMT] on server 1 : [2]
Here, the value of the cluster is 2 for the HSM server. Although the value cannot be lowered, it can be raised. In case the value is enabled by accident, it can be restored from a previous CloudHSM cluster backup.
The error is resolved by creating and registering an asymmetric key with the exact number of users as specified in the getMvalue.
[Need a hand with Server Management? Give us a call today.]
Conclusion
In short, we learned why the RET_MXN_AUTH_FAILED error arises and how to resolve it as well. The Support Team at Bobcares demonstrated how the getMvalue plays a key role in setting the public key for the quorum tokens as well.
PREVENT YOUR SERVER FROM CRASHING!
Never again lose customers to poor server speed! Let us help you.
Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.
0 Comments