Having two keys on Symantec Encryption Management Server is not supported for PGP Support Package for Blackberry

Article:TECH212009  |  Created: 2013-10-29  |  Updated: 2013-10-29  |  Article URL http://www.symantec.com/docs/TECH212009
Article Type
Technical Solution


Issue



User having two keys on Symantec Encryption Management Server (SEMS) receive an error message during policy update.


Error



"PGP Key is not Valid" or "PGP Key is expired"


Environment



Symantec Encryption Management Server

PGP Support Package for Blackberry


Cause



PGP Support for Blackberry and Blackberry Enterprise Server (BES) don't have any ability to choose the primary key on the server.  Therefore users will get sometimes the second key during policy update.  Having two keys on SEMS is not supported, because only the primary key should be used for signing and encrypting email.
 


Solution



Symantec will not provide any solution on this issue.  Symantec provides following Workaround:

Please delete the second key from the server. If the user has Symantec Encryption Desktop (SED), the key can be imported to SED for en-/decrypting emails.

Please make sure that you have a backup of the deleted key, just in case the users has problems with their machine.




Article URL http://www.symantec.com/docs/TECH212009


Terms of use for this information are found in Legal Notices