Managing key managers and certificates for ONTAP Cloud

You must update encryption settings for ONTAP Cloud as you make changes in your key management infrastructure and when certificates are about to expire.

Before you begin

You must have enabled ONTAP Cloud encryption when you launched the instance.

Steps

  1. In the working environment, click the menu icon and then click Encryption settings.
  2. Manage encryption settings as needed:
    To perform this task… Do this…
    Configure ONTAP Cloud to use a new key manager Click the + icon, select the key manager, and click Save.

    The key manager CA certificate selected for this ONTAP Cloud system must have signed the server certificate for this new key manager.

    Stop ONTAP Cloud from using an existing key manager Select the key manager, click Delete, and then click OK.
    View details about certificates Click View details for either the client certificate or key manager CA certificate.
    Renew a client certificate that has expired Click Renew and then click OK.
    Use a different key manager CA certificate Click Update, select the certificate, and then click Save. The certificate must be for the CA that signed the server certificate for each key manager configured with this ONTAP Cloud system. Those key managers must trust this CA.