How can I require a prompt for the OKM passphrase at controller reboot?
- ONTAP 9
- NetApp Volume Encryption (NVE)
- NetApp Aggregate Encryption (NAE)
- You can opt to require the OKM passphrase by using the
-enable-cc-mode trueoption with the
security key-manager setupcommand.
- This can be turned on prior to moving a controller and disk shelves and turned off after the move is complete.
- Starting with ONTAP 9.6, the command is
security key-manager onboard enable -cc-mode-enabled yes.
FAQ: NetApp Volume Encryption and NetApp Aggregate Encryption