Skip to main content
A newer release of this product is available.

security key-manager onboard enable

Contributors
Suggest changes

Enable onboard key manager

Availability: This command is available to cluster administrators at the admin privilege level.

Description

This command enables the onboard key manager for the admin Vserver.

Parameters

[-cc-mode-enabled {yes|no}] - Enable Common Criteria Mode?

Use this parameter to specify whether the Common Critieria (CC) mode should be enabled or not. When CC mode is enabled, you are required to provide a cluster passphrase that is between 64 and 256 ASCII character long, and you are required to enter that passphrase each time a node reboots. CC mode cannot be enabled in a MetroCluster configuration.

Examples

The following example enables the Onboard Key Manager for the admin Vserver cluster-1:

cluster-1::> security key-manager onboard enable

Enter the cluster-wide passphrase for onboard key management:

Re-enter the cluster-wide passphrase:

After configuring onboard key management, save the encrypted configuration data in a safe location so that you can use it if you need to perform a manual recovery operation. To view the data, use the "security key-manager onboard show-backup" command.