security key-manager onboard update-passphrase
Update the Onboard Key Manager Passphrase
Availability: This command is available to cluster administrators at the advanced privilege level.
Description
This command provides a way to update the cluster-wide passphrase that is used for the Onboard Key Manager and initially created by running the security key-manager onboard enable command. This command prompts for the existing passphrase, and if that passphrase is correct then the command prompts for a new passphrase. When the Onboard Key Manager is enabled for the admin Vserver, run the security key-manager onboard show-backup command after updating the passphrase and save the output for emergency recovery scenarios. When the security key-manager onboard update-passphrase
command is executed in a MetroCluster configuration, then run the security key-manager onboard sync command with the new passphrase on the partner site before proceeding with any key-manager operations. This allows the updated passphrase to be replicated to the partner site.
Parameters
Examples
The following example updates the cluster-wide passphrase used for the Onboard Key Manager:
cluster-1::*> security key-manager onboard update-passphrase Warning: This command will reconfigure the cluster passphrase for onboard key management. Do you want to continue? {y|n}: y Enter current passphrase: Enter new passphrase: Reenter the new passphrase: Update passphrase has completed. Save the new encrypted configuration data in a safe location so that you can use it if you need to perform a manual recovery operation. To view the data, use the "security key-manager onboard show-backup" command.