Release notes
The requested article is not available. Either it doesn't apply to this version of the product or the relevant information is organized differently in this version of the docs. You can search, browse, or go back to the other version.
Transition to external key management from onboard key management in ONTAP
Contributors
Suggest changes
-
PDF of this doc site
-
Cluster administration
-
Volume administration
-
Logical storage management with the CLI
-
-
NAS storage management
-
Configure NFS with the CLI
-
Manage NFS with the CLI
-
Manage SMB with the CLI
-
Manage file access using SMB
-
-
-
Security and data encryption
-
Data protection and disaster recovery
-
Collection of separate PDF docs
Creating your file...
This may take a few minutes. Thanks for your patience.
Your file is ready
If you want to switch to external key management from onboard key management, you must delete the onboard key management configuration before you can enable external key management.
Before you begin
-
For hardware-based encryption, you must reset the data keys of all FIPS drives or SEDs to the default value.
-
For software-based encryption, you must unencrypt all volumes.
-
You must be a cluster administrator to perform this task.
Step
-
Delete the onboard key management configuration for a cluster:
For this ONTAP version…
Use this command…
ONTAP 9.6 and later
security key-manager onboard disable -vserver SVMONTAP 9.5 and earlier
security key-manager delete-key-database
Learn more about the commands described in this procedure in the ONTAP command reference.
