Troubleshooting
This section describes the issues you may run into and how to resolve them. If you face an issue that is not listed here, contact Thales Customer Support.
Errors in DPG Logs
| Error/Issue | Possible Cause | Resolution |
|---|---|---|
Registration failed with error: provided registration token is not associated with any client profile | Registration token is incorrect. | Check registration token on CipherTrust Manager. |
Registration failed with error: License found is exhausted for feature DataProtectionGateway | Licenses expired in the trial mode. | Contact Sales Team for license renewal. |
Error while sending request, connection timed out | Client unable to establish connection with CipherTrust Manager. | Ensure CipherTrustManager is up and running. |
Invalid authorization scheme | — There is a mismatch between authentication scheme in Request header and Application Configuration on CipherTrust Manager. — The CipherTrust Manager version is below 2.9. | Use the same authentication scheme in the Request Header and Application configuration. |
Registration failed, exiting the container | — Supplied registration token or CipherTrust Manager IP address is invalid. — Network error. | — Provide the correct registration token and CipherTrust Manager IP address during deployment. — Ensure network connectivity. |
Input buffer is too short (len=1), it has to be at least 2 characters long | Token length is less than 2 characters (in case of FPE). | Token should be at least 2 characters long (in case of FPE). |
Request failed with error: Cannot export unexportable key | Key might not be exportable. | Ensure that key is exportable. |
Container is unhealthy and unrecoverable; unable to process any request | The heartbeat threshold has crossed. | Either restart the DPG container or orchestrate a new container. |
Input Version Header is invalid | Mismatch in external version header in protect and reveal requests. | Ensure to use the same external version header in protect and reveal operations for an endpoint. |
Errors in API Response
| Error/Issue | Possible Cause | Resolution |
|---|---|---|
Error: Status 404 | Occurs when tls_enabled=true, and skip_verify=true. | Make sure SSL certificates are valid and accessible by the client. |
Error: 502 bad gateway | — URL of the application server is incorrect. — The application server is down. | Make sure the destination URL is correct and the application server is up and running. |
Error: validation: chart.metadata is required | chart.metadata is missing. | Make sure chart.yaml exists at the path where the helm install command is run. |
Response code:400error message:Client sent an HTTP request to an HTTPS server | Request is made over HTTP. | Make sure "client to DPG" (through browser/tool) and "DPG to server" requests are over https. |
Error: Status 401: invalid authorization scheme | Occurs when there is a mismatch in the authentication scheme in Request Header and Application Configuration on the CipherTrust Manager. | Ensure to use the same authentication scheme in the Request Header and Application. |
503: Service Unavailable | Occurs when the heartbeat threshold has crossed. | Either restart the DPG container or orchestrate a new container. |
Error: Status code: 422: http.StatusUnprocessableEntity | Occurs when there is a mismatch in external version header in protect and reveal requests. | Ensure to use the same external version header in the protect and reveal operations for an endpoint. |
