mac check in GCM failed Errors
cantor.2 at osu.edu
Mon Mar 12 09:11:45 EDT 2018
> It appears related to the two sealer files in credentials and I believe I should
> have just copied these two files over to the standby server before doing the
> CNAME switch.
If you choose to use client storage then by definition every node must have an identical set of keys at all times.
> I expected the errors to go away over the weekend but I still
> see them. Are the IDP sessions supposed to last that long?
The IdP can't tell a session has expired until it decrypts the data and finds that out.
More information about the users