NVE: cannot replace SSL certificates for KMIP servers
Applies to
- NetApp Volume Encryption (NVE)
- External Key Management (EKM)
- HashiCorp Vault
- Key Management Interoperability Protocol (KMIP)
- ONTAP 9.7GA - P4
Issue
Following the steps to replace SSL certificates, when trying to disable the connection to the kmip servers the bellow error is displayed:
cluster01::*> key-manager external remove-servers -key-servers km.XXX.XXX.com:5999 -vserver svm1
Error: command failed: The key server at "km.XXX.XXX.com" contains volume encryption keys that are cu
rrently in use and not available from any other configured key server.