Transition to onboard key management from external key management

Contributors

If you want to switch to onboard key management from external key management, you must delete the external key management configuration before you can enable onboard key management.

What you’ll need
Steps
  1. Delete the external key management configuration for a cluster:

    security key-manager delete-kmip-config

    For this ONTAP version…​

    Use this command…​

    ONTAP 9.6 and later

    security key-manager external disable -vserver admin_SVM

    ONTAP 9.5 and earlier

    security key-manager delete-kmip-config

    Note

    For complete command syntax, see the man pages. The ONTAP 9.6 version of the command requires advanced privilege level.

    The following ONTAP 9.6 commands delete the external key management configurations for cluster1:

    cluster1::> set -privilege advanced
    cluster1::> security key-manager external disable