Skip to main content
NetApp Knowledge Base

How to verify onboard key management backup and cluster-wide passphrase

Views:
593
Visibility:
Public
Votes:
2
Category:
ontap-9
Specialty:
core
Last Updated:

Applies to

  • ONTAP 9.7 and later
  • Onboard Key Manager

Description

Steps are provided on how to validate a cluster passphrase to ensure that it is correct should the passphrase be needed for recovery.
  • ONTAP provides the ability to be configured for onboard key management to encrypt data at rest. 
    • The configuration is secured with a cluster-wide passphrase that is entered when the onboard key manager is configured and can be changed as needed
    • The cluster-wide passphrase is a minimum of 32 characters (64 characters if using cc-mode) with a maximum of 256 characters.
    • Retention of both the passphrase and backup information is absolutely critical for assurance that access to encrypted data will always be available. 
    • The loss of either of those items risks loss of access to that encrypted data under various scenarios.

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

Scan to view the article on your device