Troubleshooting the Host Guardian Service

Applies to: Windows Server 2019, Windows Server (Semi-Annual Channel), Windows Server 2016

This article describes resolutions to common problems encountered when deploying or operating a Host Guardian Service (HGS) server in a guarded fabric. If you are unsure of the nature of your problem, first try running the guarded fabric diagnostics on your HGS servers and Hyper-V hosts to narrow down the potential causes.

Certificates

HGS requires several certificates in order to operate, including the admin-configured encryption and signing certificates as well as an attestation certificate managed by HGS itself. If these certificates are incorrectly configured, HGS will be unable to serve requests from Hyper-V hosts that want to attest or to unlock key protectors for shielded VMs. The following sections cover common problems related to the certificates configured on HGS.

Certificate Permissions

HGS must be able to access both the public and private keys of the encryption and signing certificates that were added to HGS by certificate thumbprint. Specifically, the group managed service account (gMSA) that runs the HGS service needs access to the keys. To find the gMSA used by HGS, run the following command in an elevated PowerShell prompt on your HGS server:

(Get-IISAppPool -Name KeyProtection).ProcessModel.UserName

How you grant the gMSA account access to use the private key depends on where the key is stored: on the machine as a local certificate file, on a hardware security module (HSM), or in a custom third-party key storage provider.

Grant access to software-backed private keys

If you are using a self-signed certificate, or a certificate issued by a certificate authority, whose private key is not stored in a hardware security module or a custom key storage provider, you can change the private key permissions by performing the following steps:

  1. Open the local certificate manager (certlm.msc).
  2. Expand Personal > Certificates and find the signing or encryption certificate that you want to update.
  3. Right-click the certificate and select All Tasks > Manage Private Keys.
  4. Select Add to grant a new user access to the certificate's private key.
  5. In the object picker, enter the gMSA account name for HGS found earlier, then select OK.
  6. Ensure the gMSA has Read access to the certificate.
  7. Select OK to close the permissions window.

If you are running HGS on Server Core or are managing the server remotely, you will not be able to manage private keys using the local certificate manager. Instead, you will need to download the Guarded Fabric Tools PowerShell module, which lets you manage the permissions in PowerShell.

  1. Open an elevated PowerShell console on the Server Core machine, or use PowerShell Remoting with an account that has local administrator permissions on HGS.
  2. Run the following commands to install the Guarded Fabric Tools PowerShell module and grant the gMSA account access to the private key.
$certificateThumbprint = '<ENTER CERTIFICATE THUMBPRINT HERE>'

# Install the Guarded Fabric Tools module, if necessary
Install-Module -Name GuardedFabricTools -Repository PSGallery

# Import the module into the current session
Import-Module -Name GuardedFabricTools

# Get the certificate object
$cert = Get-Item "Cert:\LocalMachine\My\$certificateThumbprint"

# Get the gMSA account name
$gMSA = (Get-IISAppPool -Name KeyProtection).ProcessModel.UserName

# Grant the gMSA read access to the certificate
$cert.Acl = $cert.Acl | Add-AccessRule $gMSA Read Allow

Grant access to HSM or custom provider-backed private keys

If your certificate's private keys are backed by a hardware security module (HSM) or a custom key storage provider (KSP), the permission model depends on your specific software vendor. For the best results, consult your vendor's documentation or support site for information on how private key permissions are handled for your specific device or software. In all cases, the gMSA used by HGS requires read permission on the encryption, signing, and communications certificate private keys so that it can perform signing and encryption operations.

Some hardware security modules do not support granting specific user accounts access to a private key; instead, they grant the computer account access to all keys in a specific key set. For such devices, it is usually sufficient to give the computer access to your keys, and HGS will be able to use that connection.
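The procedures above set the permission but give you no quick way to confirm it. The following script is an added example, not code from the original article or from the GuardedFabricTools module: it walks every certificate HGS is configured with and reports whether the gMSA has Read on the key file. It assumes Get-HgsKeyProtectionCertificate exposes Thumbprint and CertificateType properties, and that software-backed keys are stored in the standard %ProgramData%\Microsoft\Crypto locations; an HSM- or custom-KSP-backed key has no local file and is reported as such so you know to use the vendor's permission model instead.

```powershell
# Added example, not part of the original article: report whether the HGS gMSA
# has Read access to the private key file of each certificate HGS is configured
# with. Assumes Get-HgsKeyProtectionCertificate returns objects with Thumbprint
# and CertificateType properties, and that software-backed keys live in the
# standard %ProgramData%\Microsoft\Crypto locations. HSM/custom-KSP keys have
# no local key file and are reported as such (use the vendor's permission model).

Import-Module IISAdministration

$gMSA = (Get-IISAppPool -Name KeyProtection).ProcessModel.UserName   # e.g. CONTOSO\HGSgMSA$

function Get-PrivateKeyFilePath {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2] $Cert)

    if (-not $Cert.HasPrivateKey) { return $null }

    # CNG keys (Microsoft Software Key Storage Provider) are files under ...\Crypto\Keys;
    # legacy CSP keys under ...\Crypto\RSA\MachineKeys. Provider-backed keys have neither.
    try {
        $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($Cert)
    } catch {
        return $null   # provider could not open the key (typical for HSM/custom KSP)
    }
    $uniqueName = $null
    if ($rsa -is [System.Security.Cryptography.RSACng]) {
        $uniqueName = $rsa.Key.UniqueName
    } elseif ($rsa -is [System.Security.Cryptography.RSACryptoServiceProvider]) {
        $uniqueName = $rsa.CspKeyContainerInfo.UniqueKeyContainerName
    }
    if (-not $uniqueName) { return $null }

    foreach ($dir in @("$env:ProgramData\Microsoft\Crypto\Keys",
                       "$env:ProgramData\Microsoft\Crypto\RSA\MachineKeys")) {
        $path = Join-Path $dir $uniqueName
        if (Test-Path $path) { return $path }
    }
    return $null
}

function Test-HgsKeyAccess {
    param([string] $Thumbprint, [string] $Account)

    $cert    = Get-Item "Cert:\LocalMachine\My\$Thumbprint"
    $keyFile = Get-PrivateKeyFilePath -Cert $cert
    if (-not $keyFile) {
        return [pscustomobject]@{ Thumbprint = $Thumbprint; KeyFile = $null; HasRead = $null
                                  Note = 'No local key file: HSM/custom KSP key, or no private key' }
    }

    # Read on the key file is what the gMSA needs; FullControl contains the same bits.
    $read = [System.Security.AccessControl.FileSystemRights]::Read
    $rule = (Get-Acl -Path $keyFile).Access | Where-Object {
        $_.IdentityReference.Value -eq $Account -and
        $_.AccessControlType -eq 'Allow' -and
        (($_.FileSystemRights -band $read) -eq $read)
    }
    [pscustomobject]@{ Thumbprint = $Thumbprint; KeyFile = $keyFile; HasRead = [bool]$rule
                       Note = $(if ($rule) { 'OK' } else { "Grant $Account Read on this key" }) }
}

Get-HgsKeyProtectionCertificate | ForEach-Object {
    Test-HgsKeyAccess -Thumbprint $_.Thumbprint -Account $gMSA
} | Format-Table -AutoSize
```

Run it elevated on each HGS node; a row with HasRead = False is the case the Manage Private Keys steps (or Add-AccessRule) fix, and a row with an empty KeyFile means the permission lives in the HSM or KSP, not in a file ACL.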

Tips for HSMs

Below are suggested configuration options to help you successfully use HSM-backed keys with HGS, based on the experience of Microsoft and its partners. These tips are provided for convenience; they are not guaranteed to be correct at the time of reading, nor are they endorsed by the HSM manufacturers. If you have further questions, contact your HSM manufacturer for accurate information about your specific device.

HSM Brand/Series | Suggestion
Gemalto SafeNet | Ensure the Key Usage property in the certificate request file is set to 0xa0, allowing the certificate to be used for signing and encryption. Additionally, you must grant the gMSA account Read access to the private key using the local certificate manager tool (see the steps above).
nCipher nShield | Ensure each HGS node has access to the security world containing the signing and encryption keys. You may additionally need to grant the gMSA Read access to the private key using the local certificate manager (see the steps above).
Utimaco CryptoServers | Ensure the Key Usage property in the certificate request file is set to 0x13, allowing the certificate to be used for encryption, decryption, and signing.

Certificate requests

If you are using a certificate authority to issue your certificates in a public key infrastructure (PKI) environment, you need to ensure that your certificate request includes the minimum requirements for HGS's use of those keys.

Signing Certificates

CSR Property | Required Value
Algorithm | RSA
Key Size | At least 2048 bits
Key Usage | Signature/Sign/DigitalSignature

Encryption Certificates

CSR Property | Required Value
Algorithm | RSA
Key Size | At least 2048 bits
Key Usage | Encryption/Encrypt/DataEncipherment

Active Directory Certificate Services Templates

If you are using Active Directory Certificate Services (ADCS) certificate templates to create the certificates, we recommend using a template with the following settings:

ADCS Template Property | Required Value
Provider Category | Key Storage Provider
Algorithm Name | RSA
Minimum Key Size | 2048
Purpose | Signature and Encryption
Key Usage Extension | Digital Signature, Key Encipherment, Data Encipherment ("Allow encryption of user data")
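The tables above describe what the CSR must ask for; a certificate that came back from a CA (or a template) that did not honour them is a common reason HGS rejects a thumbprint. The following function is an added example, not code from the original article: it checks an issued certificate in the local machine store against those requirements (RSA, at least 2048 bits, DigitalSignature for a signing certificate or DataEncipherment for an encryption certificate, and a private key present). The final loop assumes Get-HgsKeyProtectionCertificate exposes Thumbprint and CertificateType ('Signing' or 'Encryption'); if your build names them differently, call the function with the thumbprint and role directly.

```powershell
# Added example, not part of the original article: check that a certificate in
# Cert:\LocalMachine\My meets the CSR requirements above for its HGS role.

function Test-HgsCertificateRequirements {
    param(
        [Parameter(Mandatory)] [string] $Thumbprint,
        [Parameter(Mandatory)] [ValidateSet('Signing', 'Encryption')] [string] $Role
    )

    $cert     = Get-Item "Cert:\LocalMachine\My\$Thumbprint"
    $problems = New-Object System.Collections.Generic.List[string]

    # Algorithm: RSA is OID 1.2.840.113549.1.1.1 (compare the OID, not the friendly name).
    if ($cert.PublicKey.Oid.Value -ne '1.2.840.113549.1.1.1') {
        $problems.Add("Algorithm is $($cert.PublicKey.Oid.FriendlyName), expected RSA")
    } else {
        $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($cert)
        if ($rsa.KeySize -lt 2048) {
            $problems.Add("Key size is $($rsa.KeySize) bits, expected at least 2048")
        }
    }

    # Key usage: signing certs need DigitalSignature, encryption certs need DataEncipherment.
    $required = if ($Role -eq 'Signing') {
        [System.Security.Cryptography.X509Certificates.X509KeyUsageFlags]::DigitalSignature
    } else {
        [System.Security.Cryptography.X509Certificates.X509KeyUsageFlags]::DataEncipherment
    }
    $ku = $cert.Extensions |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509KeyUsageExtension] } |
        Select-Object -First 1
    if (-not $ku) {
        $problems.Add('No Key Usage extension present')
    } elseif (($ku.KeyUsages -band $required) -ne $required) {
        $problems.Add("Key Usage is '$($ku.KeyUsages)', missing $required")
    }

    # HGS signs and decrypts with these certs, so the private key must be reachable.
    if (-not $cert.HasPrivateKey) { $problems.Add('No private key associated with this certificate') }

    [pscustomobject]@{
        Thumbprint = $Thumbprint
        Role       = $Role
        Compliant  = ($problems.Count -eq 0)
        Problems   = ($problems -join '; ')
    }
}

# Check every certificate HGS currently has configured (assumes the cmdlet
# exposes Thumbprint and CertificateType; both are assumptions of this example).
Get-HgsKeyProtectionCertificate | ForEach-Object {
    Test-HgsCertificateRequirements -Thumbprint $_.Thumbprint -Role $_.CertificateType
} | Format-Table -AutoSize
```

A certificate that fails the Key Usage check cannot be repaired in place; re-issue it from a CSR or template that sets the usage bits listed above.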

Time Drift

If your server's time has drifted significantly from that of the other HGS nodes or the Hyper-V hosts in your guarded fabric, you may encounter issues with the validity of the attestation signer certificate. The attestation signer certificate is created and renewed behind the scenes on HGS and is used to sign the health certificates that the Attestation Service issues to guarded hosts.

To refresh the attestation signer certificate, run the following command in an elevated PowerShell prompt.

Start-ScheduledTask -TaskPath \Microsoft\Windows\HGSServer -TaskName AttestationSignerCertRenewalTask

Alternatively, you can run the scheduled task manually by opening Task Scheduler (taskschd.msc), navigating to Task Scheduler Library > Microsoft > Windows > HGSServer, and running the task named AttestationSignerCertRenewalTask.
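Re-running the renewal task does not help if the clock itself is still wrong, so it is worth measuring the drift first. The following script is an added example, not code from the original article: it uses w32tm to sample the offset between this node and each peer, flags anything beyond a threshold, and shows when the renewal task last ran and with what result. The peer names and the 5-minute threshold are placeholders chosen for this example (5 minutes is the Kerberos default tolerance, a convenient sanity bound); pick values that fit your fabric.

```powershell
# Added example, not part of the original article: measure this node's clock
# offset against the other HGS nodes and guarded hosts, flag drift beyond a
# threshold, and report the state of the attestation signer renewal task.
# Peer names and the threshold are placeholders for this example.

$peers     = @('hgs02.contoso.example', 'hgs03.contoso.example', 'hyperv01.contoso.example')
$threshold = [TimeSpan]::FromMinutes(5)

function Get-ClockOffset {
    param([string] $Computer, [TimeSpan] $Limit, [int] $Samples = 3)

    # w32tm prints one line per sample in the form "<time>, +00.0123456s"; anything
    # else (unreachable host, NTP blocked) yields no matching line.
    $lines   = & w32tm.exe /stripchart /computer:$Computer /samples:$Samples /dataonly 2>&1
    $offsets = foreach ($line in $lines) {
        if ("$line" -match ',\s*([+-]\d+\.\d+)s') { [double]$Matches[1] }
    }
    if (-not $offsets) {
        return [pscustomobject]@{ Computer = $Computer; OffsetSeconds = $null; Status = 'unreachable' }
    }
    $avg = ($offsets | Measure-Object -Average).Average
    [pscustomobject]@{
        Computer      = $Computer
        OffsetSeconds = [math]::Round($avg, 3)
        Status        = $(if ([math]::Abs($avg) -gt $Limit.TotalSeconds) { 'DRIFT' } else { 'ok' })
    }
}

$report = $peers | ForEach-Object { Get-ClockOffset -Computer $_ -Limit $threshold }
$report | Format-Table -AutoSize

# The scheduled task that rolls the attestation signer certificate.
$task = Get-ScheduledTaskInfo -TaskPath '\Microsoft\Windows\HGSServer\' -TaskName 'AttestationSignerCertRenewalTask'
"Renewal task last ran $($task.LastRunTime), result 0x{0:X}" -f $task.LastTaskResult

if ($report.Status -contains 'DRIFT') {
    Write-Warning 'Clock drift detected: fix time synchronization (w32tm /resync) before re-running the renewal task.'
} elseif ($report.Status -contains 'unreachable') {
    Write-Warning 'Some peers could not be sampled; confirm NTP (UDP 123) is reachable before trusting this result.'
}
```

Run it on each HGS node. A non-zero LastTaskResult on the renewal task after the clocks agree is a separate problem from drift and is worth investigating in the HGS event logs.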

Switching Attestation Modes

If you switch HGS from TPM mode to Active Directory mode, or vice versa, using the Set-HgsServer cmdlet, it may take up to 10 minutes for every node in your HGS cluster to start enforcing the new attestation mode. This is normal behavior. Do not remove any policies that allow hosts under the previous attestation mode until you have verified that all hosts attest successfully using the new attestation mode.

Known issue when switching from TPM to AD mode

If you initialized your HGS cluster in TPM mode and later switch to Active Directory mode, a known issue prevents the other nodes in your HGS cluster from switching to the new attestation mode. To ensure that all HGS servers enforce the correct attestation mode, run Set-HgsServer -TrustActiveDirectory on each node of your HGS cluster. This issue does not apply if the cluster was originally set up in AD mode and you are switching it from TPM mode back to AD mode.

You can verify the attestation mode of an HGS server by running Get-HgsServer.
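The workaround above (run Set-HgsServer on every node, then verify with Get-HgsServer) is easy to get half-done on a multi-node cluster. The following script is an added example, not code from the original article: it applies the mode on each node over PowerShell Remoting and then polls Get-HgsServer on all of them until every node reports the new mode or the 10-minute propagation window has elapsed. It assumes Get-HgsServer exposes an AttestationOperationMode property whose value reads 'ActiveDirectory' in AD mode, that remoting is enabled, and that the node names are placeholders to replace.

```powershell
# Added example, not part of the original article: switch every HGS node to AD
# attestation mode and wait until all of them report it. Assumes Get-HgsServer
# exposes AttestationOperationMode (value 'ActiveDirectory' in AD mode) and that
# PowerShell Remoting is enabled; node names are placeholders.

$nodes   = @('hgs01.contoso.example', 'hgs02.contoso.example', 'hgs03.contoso.example')
$wanted  = 'ActiveDirectory'
$timeout = [TimeSpan]::FromMinutes(10)   # the propagation window described above

# Step 1: set the mode explicitly on each node rather than relying on replication.
Invoke-Command -ComputerName $nodes -ScriptBlock { Set-HgsServer -TrustActiveDirectory }

# Step 2: poll every node until all report the wanted mode, or give up at the deadline.
$deadline = (Get-Date) + $timeout
do {
    $state = Invoke-Command -ComputerName $nodes -ScriptBlock {
        [pscustomobject]@{ Node = $env:COMPUTERNAME; Mode = "$((Get-HgsServer).AttestationOperationMode)" }
    }
    $pending = @($state | Where-Object { $_.Mode -ne $wanted })
    if ($pending.Count -gt 0) {
        Write-Host ("Still waiting for: " + (($pending | ForEach-Object { $_.Node }) -join ', '))
        Start-Sleep -Seconds 30
    }
} while ($pending.Count -gt 0 -and (Get-Date) -lt $deadline)

$state | Format-Table Node, Mode -AutoSize
if ($pending.Count -gt 0) {
    throw "Some nodes are not in $wanted mode after $($timeout.TotalMinutes) minutes; re-run Set-HgsServer on them."
}

# Only after every node reports the new mode is it safe to retire the old-mode
# policies, and only once all hosts have been seen attesting successfully.
```

Leave the previous mode's host policies in place until the loop completes and the hosts have attested under the new mode, as the section above advises.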

Memory dump encryption policies

If you are trying to configure memory dump encryption policies and do not see the default HGS dump policies (Hgs_NoDumps, Hgs_DumpEncryption and Hgs_DumpEncryptionKey) or the dump policy cmdlet (Add-HgsAttestationDumpPolicy), it is likely that you do not have the latest cumulative update installed. To fix this, update your HGS server to the latest cumulative Windows update and activate the new attestation policies. Update your Hyper-V hosts to the same cumulative update before activating the new attestation policies, because hosts that do not have the new dump encryption capabilities installed will likely fail attestation once the HGS policy is activated.

Endorsement Key Certificate error messages

When registering a host using the Add-HgsAttestationTpmHost cmdlet, two TPM identifiers are extracted from the provided platform identifier file: the endorsement key certificate (EKcert) and the public endorsement key (EKpub). The EKcert identifies the manufacturer of the TPM, providing assurance that the TPM is authentic and was manufactured through the normal supply chain. The EKpub uniquely identifies that specific TPM, and is one of the measures HGS uses to grant a host access to run shielded VMs.

You will receive an error when registering a TPM host if either of the following conditions is true:

  1. The platform identifier file does not contain an endorsement key certificate.
  2. The platform identifier file contains an endorsement key certificate, but that certificate is not trusted on your system.

Certain TPM manufacturers do not include EKcerts in their TPMs. If you suspect that this is the case with your TPM, confirm with your OEM that your TPMs are not expected to have an EKcert, and use the -Force flag to manually register the host with HGS. If your TPM should have an EKcert but one was not found in the platform identifier file, ensure you are using an administrator (elevated) PowerShell console when running Get-PlatformIdentifier on the host.

If you received the error that your EKcert is untrusted, ensure that you have installed the trusted TPM root certificates package on each HGS server and that the root certificate for your TPM vendor is present in the local machine's TrustedTPM_RootCA store. Any applicable intermediate certificates also need to be installed in the TrustedTPM_IntermediateCA store on the local machine. After installing the root and intermediate certificates, you should be able to run Add-HgsAttestationTpmHost successfully.
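The two error conditions above map to two checks you can run before retrying Add-HgsAttestationTpmHost. The following script is an added example, not code from the original article: the first function runs on the Hyper-V host and reports whether the TPM exposes an EK certificate at all (the "-Force" case if it does not), using Get-TpmEndorsementKeyInfo from the TrustedPlatformModule module; the second runs on the HGS server and builds a chain for a given EK certificate using only the TrustedTPM_IntermediateCA and TrustedTPM_RootCA stores, so it tells you which of the two stores is missing a certificate. The way it is fed an EK certificate (a file exported from the host) is a placeholder; any X509Certificate2 works.

```powershell
# Added example, not part of the original article. Two checks matching the two
# error conditions above:
#   1. on the Hyper-V host: does the TPM present an EK certificate at all?
#   2. on the HGS server: does an EK certificate chain through the
#      TrustedTPM_IntermediateCA / TrustedTPM_RootCA stores?
# Get-TpmEndorsementKeyInfo is from the TrustedPlatformModule module; the .cer
# path at the bottom is a placeholder.

# --- 1. Host side (run elevated, as Get-PlatformIdentifier must be) ---
function Test-HostEkCertPresent {
    $ek = Get-TpmEndorsementKeyInfo -HashAlgorithm Sha256
    [pscustomobject]@{
        TpmPresent    = $ek.IsPresent
        EkCertCount   = @($ek.ManufacturerCertificates).Count   # 0 => no EKcert (confirm with the OEM, then -Force)
        EkCertIssuers = @($ek.ManufacturerCertificates | ForEach-Object { $_.Issuer })
    }
}

# --- 2. HGS side: chain an EK certificate through the TrustedTPM stores only ---
function Test-EkCertTrust {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2] $EkCert)

    $roots = @(Get-ChildItem Cert:\LocalMachine\TrustedTPM_RootCA -ErrorAction SilentlyContinue)
    $inter = @(Get-ChildItem Cert:\LocalMachine\TrustedTPM_IntermediateCA -ErrorAction SilentlyContinue)

    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    # EK certs rarely carry usable CRL/AIA data, so skip revocation. The TrustedTPM
    # roots are not in the Windows Root store, so allow an "unknown" CA and decide
    # trust ourselves: the chain must end at a certificate in TrustedTPM_RootCA.
    $chain.ChainPolicy.RevocationMode    = 'NoCheck'
    $chain.ChainPolicy.VerificationFlags = 'AllowUnknownCertificateAuthority'
    $chain.ChainPolicy.ExtraStore.AddRange([System.Security.Cryptography.X509Certificates.X509Certificate2[]]($roots + $inter))
    [void]$chain.Build($EkCert)

    $top         = $chain.ChainElements[$chain.ChainElements.Count - 1].Certificate
    $rootTrusted = [bool]($roots | Where-Object { $_.Thumbprint -eq $top.Thumbprint })
    # UntrustedRoot is expected here (see above); anything else (PartialChain,
    # NotTimeValid, ...) is a real problem with the chain.
    $issues = @($chain.ChainStatus | Where-Object { $_.Status -ne 'UntrustedRoot' } | ForEach-Object { "$($_.Status)" })

    [pscustomobject]@{
        Subject          = $EkCert.Subject
        ChainEndsAt      = $top.Subject
        RootInTrustedTpm = $rootTrusted
        OtherIssues      = ($issues -join ', ')
        Verdict          = $(if ($rootTrusted -and $issues.Count -eq 0) { 'trusted' }
                             elseif ($rootTrusted) { 'root found; fix the listed chain issues' }
                             elseif ($top.Thumbprint -eq $EkCert.Thumbprint) { 'no issuer found: install the vendor intermediate in TrustedTPM_IntermediateCA' }
                             else { 'chain stops short of a trusted root: install the vendor root in TrustedTPM_RootCA' })
    }
}

# Placeholder usage on HGS with an EK certificate exported from the host:
# $ek = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 'C:\temp\ekcert.cer'
# Test-EkCertTrust -EkCert $ek
```

On the host, Test-HostEkCertPresent returning EkCertCount = 0 is the first error condition; on HGS, a verdict other than 'trusted' is the second, and the verdict names the store that needs the vendor certificate.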

Group managed service account (gMSA) privileges

The HGS service account (the gMSA used for the Key Protection Service application pool in IIS) needs to be granted the Generate security audits privilege, also known as SeAuditPrivilege. If this privilege is missing, initial HGS configuration succeeds and IIS starts, but the Key Protection Service is non-functional and returns HTTP error 500 ("Server Error in /KeyProtection Application"). You may also observe the following warning messages in the Application event log.

System.ComponentModel.Win32Exception (0x80004005): A required privilege is not held by the client
at Microsoft.Windows.KpsServer.Common.Diagnostics.Auditing.NativeUtility.RegisterAuditSource(String pszSourceName, SafeAuditProviderHandle& phAuditProvider)
at Microsoft.Windows.KpsServer.Common.Diagnostics.Auditing.SecurityLog.RegisterAuditSource(String sourceName)

or

Failed to register the security event source.
   at System.Web.HttpApplicationFactory.EnsureAppStartCalledForIntegratedMode(HttpContext context, HttpApplication app)
   at System.Web.HttpApplication.RegisterEventSubscriptionsWithIIS(IntPtr appContext, HttpContext context, MethodInfo[] handlers)
   at System.Web.HttpApplication.InitSpecial(HttpApplicationState state, MethodInfo[] handlers, IntPtr appContext, HttpContext context)
   at System.Web.HttpApplicationFactory.GetSpecialApplicationInstance(IntPtr appContext, HttpContext context)
   at System.Web.Hosting.PipelineRuntime.InitializeApplication(IntPtr appContext)

Failed to register the security event source.
   at Microsoft.Windows.KpsServer.Common.Diagnostics.Auditing.SecurityLog.RegisterAuditSource(String sourceName)
   at Microsoft.Windows.KpsServer.Common.Diagnostics.Auditing.SecurityLog.ReportAudit(EventLogEntryType eventType, UInt32 eventId, Object[] os)
   at Microsoft.Windows.KpsServer.KpsServerHttpApplication.Application_Start()

A required privilege is not held by the client
   at Microsoft.Windows.KpsServer.Common.Diagnostics.Auditing.NativeUtility.RegisterAuditSource(String pszSourceName, SafeAuditProviderHandle& phAuditProvider)
   at Microsoft.Windows.KpsServer.Common.Diagnostics.Auditing.SecurityLog.RegisterAuditSource(String sourceName)

Additionally, you may notice that none of the Key Protection Service cmdlets (for example, Get-HgsKeyProtectionCertificate) work; they return errors instead.

To resolve this issue, grant the gMSA the "Generate security audits" privilege (SeAuditPrivilege). To do that, you can use either the Local Security Policy snap-in (SecPol.msc) on every node of the HGS cluster, or Group Policy. Alternatively, you can use the SecEdit.exe tool to export the current security policy, make the necessary edits in the configuration file (which is plain text), and then import it back.

Note

When configuring this setting, the list of security principals defined for a privilege fully overrides the defaults (it does not concatenate). Hence, when defining this policy setting, be sure to include both default holders of this privilege (Network Service and Local Service) in addition to the gMSA that you are adding.
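The SecEdit route above is the one that is easiest to get wrong in exactly the way the note warns about, because the imported list replaces the existing one. The following script is an added example, not code from the original article: it exports the current user-rights policy, reads the existing holders of SeAuditPrivilege, adds the HGS gMSA's SID while always keeping Local Service (S-1-5-19) and Network Service (S-1-5-20), imports the result with SecEdit.exe, re-reads the policy to confirm, and then recycles the KeyProtection application pool so the gMSA logs on again with the new privilege in its token. It assumes the gMSA name can be resolved to a SID on this machine and that the IISAdministration module is available; file paths under $env:TEMP are scratch files the script removes.

```powershell
# Added example, not part of the original article: grant the HGS gMSA
# SeAuditPrivilege via SecEdit.exe without dropping the default holders
# (Local Service S-1-5-19, Network Service S-1-5-20) or anything else already
# in the policy. Run elevated on every HGS node.

Import-Module IISAdministration
$gMSA = (Get-IISAppPool -Name KeyProtection).ProcessModel.UserName

function Get-AccountSid {
    param([string] $Account)
    (New-Object System.Security.Principal.NTAccount($Account)).Translate(
        [System.Security.Principal.SecurityIdentifier]).Value
}

function Get-PrivilegeHolders {
    param([string] $Privilege)
    $exported = Join-Path $env:TEMP 'hgs-secpol-export.inf'
    & secedit.exe /export /cfg $exported /areas USER_RIGHTS | Out-Null
    # Exported line looks like: SeAuditPrivilege = *S-1-5-19,*S-1-5-20
    $line = Get-Content $exported | Where-Object { $_ -match "^\s*$Privilege\s*=" } | Select-Object -First 1
    Remove-Item $exported -ErrorAction SilentlyContinue
    if (-not $line) { return @() }
    return @((($line -split '=', 2)[1].Trim() -split ',') |
             ForEach-Object { $_.Trim().TrimStart('*') } | Where-Object { $_ })
}

function Grant-Privilege {
    param([string] $Privilege, [string] $Sid)

    # The imported list REPLACES the current one, so rebuild it from the
    # defaults plus what is already there plus the new SID.
    $holders = Get-PrivilegeHolders -Privilege $Privilege
    $all     = @('S-1-5-19', 'S-1-5-20') + $holders + $Sid | Select-Object -Unique
    $value   = ($all | ForEach-Object { "*$_" }) -join ','

    $inf = Join-Path $env:TEMP 'hgs-audit-priv.inf'
    $db  = Join-Path $env:TEMP 'hgs-audit-priv.sdb'
    @"
[Unicode]
Unicode=yes
[Version]
signature="`$CHICAGO`$"
Revision=1
[Privilege Rights]
$Privilege = $value
"@ | Set-Content -Path $inf -Encoding Unicode

    & secedit.exe /configure /db $db /cfg $inf /areas USER_RIGHTS | Out-Null
    Remove-Item $inf, $db -ErrorAction SilentlyContinue

    # Re-read the policy to confirm the grant actually landed.
    return ((Get-PrivilegeHolders -Privilege $Privilege) -contains $Sid)
}

$sid = Get-AccountSid -Account $gMSA
if (Grant-Privilege -Privilege 'SeAuditPrivilege' -Sid $sid) {
    # Privileges are part of the logon token, so the app pool must start a new
    # gMSA logon before the Key Protection Service picks up the change.
    (Get-IISAppPool -Name KeyProtection).Recycle()
    "Granted SeAuditPrivilege to $gMSA ($sid) and recycled the KeyProtection app pool."
} else {
    throw "SeAuditPrivilege grant for $gMSA did not take effect; see $env:windir\security\logs\scesrv.log"
}
```

If the privilege is managed by Group Policy, a local SecEdit change is overwritten at the next policy refresh; in that case put the same three-entry list (the two defaults plus the gMSA) in the GPO instead.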